@Carl Fan
I have completed the above, I have also opened a case with Microsoft, however i do not want to sit on my hands and wait. I wont pretend to understand anything about the output that i was able to get by sending the dump file through WinDgb but i do recognize kerberos, rpc and lsasrv references in the meat here.
Any additional guidance is appreciated.
Loading Dump File [lsass.exe.736.dmp]
User Mini Dump File with Full Memory: Only application data is available
Symbol search path is: srv*
Executable search path is:
Windows 10 Version 14393 MP (4 procs) Free x64
Product: Server, suite: TerminalServer SingleUserTS
10. 0.14393.4283 (rs1_release.210303-1802)
Machine Name:
Debug session time: Thu Mar 25 11:27:19.000 2021 (UTC - 5:00)
System Uptime: 0 days 0:17:45.250
Process Uptime: 0 days 0:16:24.000
................................................................
........................
Loading unloaded module list
.........
This dump file has an exception of interest stored in it.
The stored exception information can be accessed via .ecxr.
(2e0.308): Access violation - code c0000005 (first/second chance not available)
For analysis of this file, run !analyze -v
ntdll!NtWaitForMultipleObjects+0x14:
00007ffd`0f196714 c3 ret
0:003> !analyze -v
Exception Analysis
NTGLOBALFLAG: 0
APPLICATION_VERIFIER_FLAGS: 0
EXCEPTION_RECORD: (.exr -1)
ExceptionAddress: 00007ffd0a901088 (7zp+0x0000000000001088)
ExceptionCode: c0000005 (Access violation)
ExceptionFlags: 00000000
NumberParameters: 2
Parameter[0]: 0000000000000000
Parameter[1]: 0000000000000000
Attempt to read from address 0000000000000000
PROCESS_NAME: lsass.exe
READ_ADDRESS: 0000000000000000
ERROR_CODE: (NTSTATUS) 0xc0000005 - The instruction at 0x
EXCEPTION_CODE_STR: c0000005
EXCEPTION_PARAMETER1: 0000000000000000
EXCEPTION_PARAMETER2: 0000000000000000
SYMBOL_NAME: 7zp+1088
MODULE_NAME: 7zp
IMAGE_NAME: 7zp.dll
STACK_COMMAND: ~3s ; .ecxr ; kb
FAILURE_BUCKET_ID: NULL_POINTER_READ_c0000005_7zp.dll!Unknown
OS_VERSION: 10.0.14393.4283
BUILDLAB_STR: rs1_release
OSPLATFORM_TYPE: x64
OSNAME: Windows 10
FAILURE_ID_HASH: {246499da-450d-519c-2828-615b768c8e9a}
Followup: MachineOwner