Spat's WebLog (Steve Patrick)

When things go wrong...

Browse by Tags

Tagged Content List
  • Blog Post: Timeouts or delays connecting to WinRM

    Ran into an interesting issue the other day where WinRM connections were taking 15-20s per connection to the domain controllers and due to many connections from an automation system, connections would backup and then fail. The only real hint we had was from the WinRM logs: logman.exe start winrm...
  • Blog Post: DC fails logons or experiences LDAP timeouts

    DC fails logons or experiences LDAP timeouts This was an interesting one which rolled by recently, and it’s a looong post so I apologize ahead of time. Let’s start with the end user experience and move on from there: User(s) cannot send mail or retrieve mail from Exchange 2010 server...
  • Blog Post: Debugging managed code.. from a newb for managed code debugging

    Debugging managed code in WinDbg has never been my idea of fun. I wasn’t forcibly exposed to it enough I guess. For example, if you look at http://blogs.msdn.com/spatdsg/archive/2009/02/23/there-and-back-again-the-life-of-a-bug-and-fix.aspx there is like a 5 step process for setting a breakpoint...
  • Blog Post: Logging for MUI language packs

    Quick post.. If you are having errors when installing the MUI language packs on Win7\Server 2008 R2 - the logs are located in the users profile appdata path: C:\Users\Administrator\AppData\Local\Temp\lpksetup folder Here is a snip of a log for an example:\ SNIP: 15:30:50:034 : PERF: Create...
  • Blog Post: How to enable WPP tracing for a component at boot time?

    Been away for a while , busy with lotsa interesting online services projects ( my "new" group ) . I'll see if I can blog about any of those interesting tidbits.. in the meantime. WPP tracing is all over the place in Win7 – a quick count of registered providers shows 672 available providers via “logman...
  • Blog Post: There and back again.. the journey of a bug in ADFS

    Let's look at a bug fix.. end to end. So back in November, my friend Jim Simonet had posted a question about a problem with ADFS using ADAM as the auth store and specifying that it connect via LDAP over SSL. He could connect to ADAM via LDP on 636, so we knew ADAM and the certificate validation...
  • Blog Post: James saved me many hours of pain..

    Gotta love the internet. The Tubes. I was trying to install\reinstall IIS in Windows Server 2008 and it would not install. Web Server (IIS) Error: Attempt to install IIS Management Console failed with error code 0x80070643. Fatal error during installation Error: Attempt to install Static Content...
  • Blog Post: Create a Dump file with pagefile on non boot partition..

    The general advice in Windows is to place the paging file on the boot partition in order to get a crash dump file. Here is a snip from an older KB "... However, if you remove the paging file from the boot partition, Windows cannot create a dump file (Memory.dmp) in which to write debugging information...
  • Blog Post: High CPU utilization.. revisited

    Some of this post overlaps my previous CPU one , but the other one seemed a bit lopsided towards LSASS so I thought I would do another one which wasn't.. Below is a perfmon log where the machine is 80-90 cpu utilized. The first thing to determine is if the CPU usage is in kernel mode or user mode...
  • Blog Post: Dr Watson knows best..

    I recently worked on a case which involved a crash ( it was the MMC ) which didn’t have a lot of info attached to it. There was no crash dump file, and no live debug to go on. All that I had was a Dr Watson log. Who’s that you say? See here for some history of the good doctor. If you run drwtsn32...
  • Blog Post: Debugging services..

    How to debug Windows services covers the main points – but I think a common issue is debugging why a service won’t start. When the service is failing on start – you can’t simply start it and then quickly attach the debugger – you need to have the debugger attach to it on start. I like to...
  • Blog Post: The Conch Shell...and how DFS uses it.

    Ahh yes.. the conch shell . I run into weird problems all the time.. this was on of those weird problems. The high level statement was this: "Clients in remote sites are accessing mapped drives via explorer and the UI hangs for 10-15 minutes, they lose access to the mapped drive and on occasion...
  • Blog Post: Get a hotfix -- without having to call MS...

    In this new age of the internet... You now can obtain a hotfix without having to interact with a single soul ( no phone calls etc.. ) Easy and convenient. Take for example my previous post for the netlogon DCR - 928576 which doesnt even have a public article yet. Try it... http://support.microsoft...
  • Blog Post: Breakpoints 200

    Before I got distracted with cred roaming and new netlogon goodness… we were talking about breakpoints. We discussed basic commands and then saw some uses for the command string parameter. [ ~ Thread ] bp [ ID ] [ Options ] [ Address [ Passes ]] [ " CommandString " ] Some other things...
  • Blog Post: Breakpoints 101

    So I thought I would do something about breakpoints.. something basic and build it up to something useful. I use notepad for all the tests and the symbols path is: 0:002> .sympath Symbol search path is: http://msdl.microsoft.com/download/symbols The basic commands for breakpoints...
  • Blog Post: New Auditing in Vista

    Something that is not well known in Vista….this ain't your typical auditing. There is a HUGE amount of auditing that we added to the OS for system auditing. Let’s dig in and look at just one of them that previous OS’s never even came close to providing data on….. First – how to get to...
  • Blog Post: A few of my favorite things...debug commands

    Well. not really, I mean - not in the big picture right? Else that would be a sad existence indeed... talk about whacked priorities. I thought I would post a few debugger commands I like to use… some new to me, some oldies. But, there are times I suppose when these really are my favorite things...
  • Blog Post: What does CTRL+SysRq+SysRq do?

    Well, if you booted to debug mode - but not really, via /debug=disable, noumex (no user mode exception handling by the kernel debugger) switches, it will enable the kernel debugger. Useful if you have servers you have booted to debug mode but dont want to break in to the debugger at random times....
  • Blog Post: "How to crush a DC in 10 easy steps." or, what is debugging anyway?

    Before we move along, I should say that I look at stuff all day long and use all kinds of tools and different methods to fix problems. Many of the cases involve going through some source code of random component X in order to see where things blew up. As I mentioned in a previous post "Debugging...
  • Blog Post: Paged Pool , DFS and other ramblings..

    An interesting case came across my desk the other day. The initial symptoms were an unstable system which hung, quickly narrowed down to a memory resource issue. A quick rundown of the environment. The server's which were having issues were Server 2003 machines, primarlily used as web servers for...
  • Blog Post: What's bogging down your CPU?

    This was inspired from a case where we had multiple perf issues ( CPU utilization ) It is important to make sure you know where your problem really is, and 99% of the time I rely on perfmon to get accurate data related to this. I generally think of these 4 components as potential bottlenecks...
  • Blog Post: Memory leaks...

    I was all set to write up a great post on memory leaks, how to track them down etc.. blah blah blah.. but then I found this little gem http://support.microsoft.com/kb/268343 Heck I didnt even know we did KB's with video - just shows how much I know. Anyway, this article and video does a great job...
  • Blog Post: Random bookmarks for myself

    Interesting that I put bookmarks here - but my browser bookmarks are so full of stuff I cant find anything .. my fav search engine and this blog allow for me to find them easier.. Maybe IE should rethink its way it manages BM's? Or maybe I should.. Anyway.. WID dev resources: http://msdn...
  • Blog Post: Real men of Genius ( otherwise known as Neat Vista tools.. part 1 )

    I may never find the time to get to #2 ... but I think Ill start a list of all the things I find in Vista which I think are cool. Starting here. Now, with Vista - in a pinch I can get a userdump of a process ( albeit a mini dump ) with no xtra tools ( userdump.exe etc.. ) from task manager. I suppose...
  • Blog Post: Where was Windows File protection?

    Another odd one… More than a bit this time… Here is something to think about – and I don’t know why we don’t catch this. Maybe someone else has ideas. Machine was crashing every time we tried to do the same action – in this case it was a dcpromo. So each time at the same spot during...
Page 1 of 2 (29 items) 12