Taking a circular netmon capture from the command prompt

You’ve probably heard that netmon3.1 is out, but you might not know that you can easily launch a capture at the command prompt.  I find this useful when we’re waiting on a repro, we want a capture, but we don’t know when that’s going to happen.  Sure you could set this up in the GUI…

2

Hey Admins! Taking some of the pain out of analyzing perfmon captures.

Performance Analysis of Logs (PAL) tool Project Description: Ever have a performance problem, but don’t know what performance counters to collect or how to analyze them? The PAL (Performance Analysis of Logs) tool is a new and powerful tool that reads in a performance monitor counter log (any known format) and analyzes it using complex,…

1

SystemRootSystem32RDPDD.dll failed to load

  This is an FYI post for an issue we’ve seen on a couple of Windows 2003 SP2 servers internally.  Hopefully if someone hits this in the wild they’ll be able to find this post on the intertubes. Symptom: When attempting to connect from the client via RDP,  you would click “connect” and then soon…

114

Need to get IPCONFIG /ALL from a computer remotely?

I know people have scripted this, but this is so much easier…  You could use PSExec for running other commands as well, but someone recently asked me an easy way to get the IP info so here it is.  If you just want to be sitting at a command prompt on the remote computer then…

10

Kernel stack not resident (Using .pagein)

You might find yourself debugging an issue and a thread you are interested in is paged out.  Here’s the steps to use to page in the stack for the kernel side and user side…   Be careful when doing this on a live machine that you want to release after debugging as paging in certain section…

2

Domain not available when trying to TS onto a Windows 2003 server.

Issue came in this week where when you attempted to logon to a server it would not authenticate your request and would give you a message indicating the “domain is not available”.  If you tried logging on via your UPN, then it would give a slightly different error message indicating that “there is not enough storage to…

5

The case of Windows Defender not starting.

Had a client whose machine would not load Windows Defender, each time it was opened it would eventually die on initialization: Log Name:      ApplicationSource:        Application ErrorDate:          8/13/2007 4:03:10 PMEvent ID:      1000Task Category: (100)Level:         ErrorKeywords:      ClassicUser:          N/AComputer:      server1 Description:Faulting application MSASCui.exe, version 1.1.1505.0, time stamp 0x45ad8d6e, faulting module ntdll.dll, version 6.0.6000.16386, time stamp 0x4549d372, exception code…

1

How to know if TCP offload is working

  So you went out and got yourself a new server and it came with TOE functionality, and now you’re playing Windows 2008 which has TCP offload enabled but you just want to know if its actually offloading traffic.   Here’s the only way I know of finding what traffic is offloaded without setting breakpoints in the debugger. First off…

20

Are there pending operations waiting for a reboot?

Sometimes you might log onto a server and wonder if there have been patches installed and thing needs to be rebooted.  Well if the patch wanted to replace a file that was in use by the system (like NTFS for example) then it populates a certain key in the registry, you could check this key…

0