LSA Package Is Not Signed as Expected Credential Guard Error
Local Security Authority is part of the Windows Client Authentication that authenticates and creates a logon session to the local computer. Meanwhile, it also maintains information about all aspects of local security on a computer. However, you might notice the following warning in Event Viewer after updating to Windows 22H2:
Event ID 6155. LSA package is not signed as expected. This can cause unexpected behavior with Credential Guard.
This error indicates that LSA is unable to recognize and authenticate a user when signing in. The cause of LSA package is not signed as expected event ID 6155 can be bugs in Windows update, incompatibility with third-party programs, and unnecessary changes in registry keys. Luckily, you can fix this error easily with the workarounds below. Without wasting more time, let’s dive into it now!
Before proceeding with any troubleshooting steps for Event ID 6155, you should make a copy of your important data because this error is related to the local security of your computer. Here, it is strongly advisable to rely on the Windows backup software – MiniTool ShadowMaker. With a backup copy of your crucial data, you can restore it with ease when data loss or corruption happens.
MiniTool ShadowMaker TrialClick to Download100%Clean & Safe
How to Fix LSA Package Is Not Signed as Expected on Windows 10/11?
Fix 1: Uninstall Recent Updates
LSA package is not signed as expected Event ID 6155 can be caused by some Windows bugs. Some users reported that they get rid of this error by uninstalling the recent update. Here’s how to do it:
Step 1. Press Win + I to open Windows Settings.
Step 2. In the settings menu, scroll down to find Update & Security and hit it.
Step 3. Under Windows Update, click on View update history > Uninstall updates > find the latest update > hit Uninstall to confirm the action.
Fix 2: Enable LSA Protection via Registry Editor
Another way to enable LSA protection without warning is via Registry Editor. Here’s how to do it:
Step 1. Press Win + S to evoke the search bar.
Step 2. Type registry editor and hit Enter.
Step 3. Go to the following location:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Step 4. In the right panel, find RunAsPPL > double-click on it > set the value data to 1 with a UEFI variable (set value data to 2 to configure the feature without a UEFI variable on Windows 11 version 22H2).
If you don’t find the RunAsPPL value, follow these steps to create a new one: right-click on the blank space on the right panel > select New > DWORD (32-bit) Value > name it RunAsPPL.
Step 5. Quit Registry Editor and restart your computer.
Fix 3: Turn off Credential Guard
LSA package is not signed as expected indicates that Windows Defender Credential Guard might show unexpected behavior. Therefore, you can consider disabling this feature using the following method:
Step 1. Press Win + R to open the Run box.
Step 2. Type regedit.exe and hit Enter to launch Registry Editor.
Step 3. Locate to the following path:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa
Step 4. In the right-side panel, right-click on the empty space to choose New > DWORD (32-bit) Value > name it as LsaCfgFlags.
Step 5. To disable Credential Guard, double-click on it and set its value data to 0.
Step 6. Save the changes, quit Registry Editor and restart your PC.
![[Fixed!] Error 0xc0210000: BitLocker Key Wasn’t Loaded Correctly](https://mt-test.minitool.com/images/uploads/2023/06/0xc0210000-thumbnail.png)
About The Author
Position: Columnist
Aurelie is a passionate soul who always enjoys researching & writing articles and solutions to help others. Her posts mainly cover topics related to games, data backup & recovery, file sync and so on. Apart from writing, her primary interests include reading novels and poems, travelling and listening to country music.