Windows 10 ADK/SDK WPT is not compatible w/ Windows 7 SP1 or Windows Server 2008 R2 SP1.

Applies to: Windows Server 2008 R2 SP1, Windows 7 SP1. One of the common questions regarding analysis with Windows Performance Analyzer (WPA) is: we captured an ETL trace using the “Windows Performance Recorder” (WPR or WPRUI) and we are not able to load the symbols to view the functions (stackwalk). Cause: By design. Our…


[Cross Post] Windows Defender ATP now also supports macOS, Linux, iOS and Android devices

Windows Defender Advanced Threat Protection (ATP)* (post-breach) now also supports macOS, Linux, iOS and Android devices. For details: Microsoft partners extend Windows Defender ATP across platforms https://blogs.windows.com/business/2017/11/08/microsoft-partners-extend-windows-defender-atp-across-platforms/#fkArlTUBziOplC1V.97 Yong. More information: *a part of the Windows Defender Suite and not to be confused with Windows Defender Antivirus. What makes a part of the Windows…


wuauclt /detectnow in Windows 10 and Windows Server 2016

Applies to: Windows Server 1709, Windows Server 2016, Windows 10. Administrators trying to use wuauclt /detectnow will notice that it doesn’t do anything. In Windows 10 and Windows Server 2016 or newer, the command to scan “Windows Update” from the command line (CMD, Run As Admin) is: c:\windows\system32\UsoClient.exe startscan Yong. Reference: Demystifying “Dual Scan” https://blogs.technet.microsoft.com/wsus/2017/05/05/demystifying-dual-scan/…


How to measure security product(s) overhead using FltMgr minifilter ETW tracing on “Windows 7 SP1” and “Windows Server 2008 R2”.

Posts in this blog are provided “AS IS” with no warranties, and confers no rights as specified in the Terms of Use. Like everything in an Enterprise, they should be tested in a test environment before trying in a production system. Changed title from: Windows 7 SP1 and Windows Server 2008 R2 Steps needed to…


Windows 10 Enterprise Edition: Burn Win10 ISO to a USB key when running w/ UEFI

Applies to: Windows 10 1709 Windows 10 1703 From time to time, when I’m…


Using XPERF to capture ETL traces for Slow Logons

Applies to: Windows Server 2016 (Note: Also applies to Remote Desktop Servers (RDS)); Windows 10; Windows Server 2012 R2 (Note: Also applies to Remote Desktop Servers (RDS)); Windows 8.1; Windows Server 2012 (Note: Also applies to Remote Desktop Servers (RDS)); Windows 8.0. A common question that I get is: How do you take a slow…


How to collect a good boot trace on Windows 10 or Windows Server 2016 using WPRUI.

Applies to: Windows Server 2016, Windows 10, Windows Server 2012 R2, Windows 8.1, Windows Server 2012, Windows 8.0. Ok, so you went through my old pal Jeff Stokes’ post: How to collect a good boot trace on Windows 7 https://blogs.technet.microsoft.com/jeff_stokes/2012/09/17/how-to-collect-a-good-boot-trace-on-windows-7/ So how do you go about doing that in Windows 10 or Windows Server 2016?…


"Unsupported cluster configuration" VMM

Applies to: System Center Virtual Machine Manager (SCVMM) CB (2016), Windows Server 2016, Hyper-V 2016. In Virtual Machine Manager (VMM), the VMs show up as “Unsupported cluster configuration”. The following WMI query, gwmi -Namespace root/microsoft/windows/storage -class MSFT_PhysicalDisk, would return a blank value, while gwmi -class Win32_diskdrive would return a value. So it was specific to the…


How to troubleshoot a handle leak using ETW (WPRUI/WPR/Xperf) tracing?

Applies to: Windows Server 2016, Windows Server 2012 R2, Windows Server 2012. Does not apply to: Windows Server 2008 R2, Windows Server 2008, Windows Server 2003. The reason is that handle ETW tracing wasn’t added to the Windows OS kernel until Windows Server 2012. For these older OSes the following still works: How to troubleshoot…
