Smarter than polling Suppose you want to know if a network adapter is connected. If you read our last WMI blog post , you're already clever enough to solve this handily: just query MSNdis_LinkState and execute the WmiQueryLinkState method. This is...

Getting fancy with PowerShell and WMI Last time we got our feet wet with a simple PowerShell script to query Ethernet MAC addresses. It looked easy, but of course, it requires you to know the magic WMI class name "MSNdis_EthernetCurrentAddress". How...

Are you targeting Windows 8 or Windows Server 2012? You don't need anything from here! These operating systems already include all the TMFs you'll need in the PDB from the Microsoft Symbol Server. For Windows 7 and Windows Server 2008 R2, here is a...

Industrial-strength tracing in an industrial-strength debugger Last time we talked about controlling WPP from the command-line.  This is great if you need to send instructions to a customer to collect logs, or if you want to automatically enable...

Industrial-strength tracing WPP is similar to DbgPrint. In fact, for NDIS.SYS, WPP and DbgPrint trace exactly the same messages. However, WPP is easier to enable and works on retail versions of NDIS.SYS. These advantages mean that WPP can be enabled...

Tracing made easy Starting with Windows 7 and Windows Server 2008 R2, NDIS can be configured to emit certain diagnostic information to the event log.  The event log is very easy to use, and it doesn't require any special tools.  It's especially...

Evolving beyond DbgPrint I'd like to take a break from our series on WMI (don't worry -- more WMI is coming soon!) to respond to a recent discussion in the community. Traditionally , we've used DbgPrint to debug NDIS issues. This is convenient, since...

*PWN = PowerShell, WMI, and NDIS WMI is frequently misunderstood. WMI is a large collection of technologies designed to help you manage computers. Most commonly, you'll see IT pros using WMI (usually via VBScript) to do something funky across their...

Chapter three of a beginner’s guide to debugging with NDISKD In Part 1 of the series , we set up a kernel debugger. In the second installment , we took a closer look at ndiskd’s output for miniports. Today, we will use what we know to debug...

The second installment of a beginner’s guide to debugging with NDISKD Last time we set up the debugger, looked at !ndiskd.help , and dumped out a table of active miniports. Today we’ll continue our laboratory by examining a specific miniport...

Part 1 of a beginner’s guide to debugging with NDISKD If you haven’t already, grab the updated WDK with its new ndiskd debugger extension . You’ll need it for today’s laboratory exercise: getting started with ndiskd. If you...

Over a decade of making NDIS developers dangerous Today we released a new version of the WDK.  This release has an updated version of the debuggers, including an overhauled version of ndiskd. Ndiskd is a debugger extension written by the NDIS team...

A grammatical kinship between NDIS and tennis If you've ever programmed a WDM driver, you're probably familiar with the difference between a DRIVER_OBJECT and a DEVICE_OBJECT. In NDIS, we also differentiate between a driver and a running instance created...

A surprise indeed From time to time, miniport authors ask us whether they really have to support surprise removal.  After all, they explain, their device is embedded in the system — it’s not physically possible to remove it without a soldering iron...

One request at a time, please While we have lots of documentation on MSDN, occasionally the high-level concepts get drowned out by all the details. Today I want to draw attention to an important point regarding OID requests. Recall that protocols...

Now with witty subtitles Lately things have been quiet on the NDIS blog. But that’s about to change, because we’ve got some new blog posts lined up for you. We’ll start things off this week with a discussion on OID requests. If you would like to...

The DTM that shipped in the Windows Vista RTM timeframe contains two versions of the NDISTest tool, v.6.0 and v.6.5. You can run both of these tools manually outside the DTM. Running the tools manually gives you flexibility in selecting which tests to...

The MSDN document summarizes the cause for the D1 (IRQL_NOT_LESS_OR_EQUAL) pretty well, for people who know how the memory manager in Windows works. It basically says that the cause is: A driver tried to access an address that is pageable (or that is...

I have read a lot of posts in multiple forums on the internet where people ask "My machine keeps bluescreen-ining, what do I do?"... a common response is "Reinstall Windows and the problem will most likely go away". This is a wrong answer because if you...

Welcome to the NDIS and NDISTest blog... we are just getting started so be patient. We want this blog to be a place where you can come and learn about the latest NDIS APIs, NDISTest test tool, get answers to your questions and more... stay tuned.....