Event ID/Source search
Keyword searchExample: Windows cannot unload your registry file
Event ID: 2027 Source: Srv
The server has detected a potential Denial-of-Service attack caused by consuming all the work-items. Some connections were disconnected to protect against this. If this is not the case please raise the MaxWorkItems for the server or disable DoS detection.
|English: Request a translation of the event description in plain English.|
This event is due to overwhelming request on a Windows server that it cannot handle. In some cases, the system locks up and the only way to get to it is to reboot. You need to make a registry entry for MaxWorkItems. Always check Microsoft Technet for this kind of issues. Using regedit, go to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\LanmanServer\Parameters, right click, choose New, click DWORD Value and enter "MaxWorkItems". Double click it and choose decimal under the Base option, and put a value data between 1 and 65535. Microsoft advices using 4096 and doubling this value until the server's WorkItemShortage is below 3 (this can be monitored with Microsoft performance monitor Server\WorkItemShortage).
Note: Registry modification is at your own risk. Always backup your registry before making any changes to it.
|Private comment: Subscribers only. See example of private comment|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated