How to capture a manual dump of the wspsrv.exe process on TMG 2010?

Recently I received a question from a TMG admin saying that they can’t install DebugDiag on Windows Server 2008, since it is not supported, and therefore don’t know how to capture a user-mode dump of the wspsrv.exe process on TMG 2010. The good news is that with Windows Server 2008 the task of getting a manual dump of a process is even easier, since it doesn’t need any additional tool; this capability is built into the system. Just open Task Manager, go to the Processes tab, highlight the wspsrv.exe process, right-click on it and choose Create Dump File.


Easy, isn’t it?

Having a dump of the wspsrv.exe process using this approach can be useful for the following scenarios:

  • Firewall Service stops answering and you have to restart it in order to get back into production.
  • Firewall Service hangs in the “Starting” or “Stopping” state.
  • Firewall Service is consuming a high amount of CPU or memory.