We hope to share with you our thoughts on IT topics and issues encountered by businesses in the Bay Area.
Please feel free to contact us at 408-228-4488 or sales@netcal.com if you would like a quote for IT Support Services or a particular IT Solution.
What happens when you get a Blue Screen of Death (BSOD)? I'm sure almost everyone just says something like "____ Microsoft!" Unfortunately, most of the time, you would just be using Microsoft as a scapegoat. Why? According to Microsoft and other gurus, about 70-80% of crashes are caused by 3rd party drivers. Yep, all those great toys you have hooked up to your computer and the software that controls them are most likely responsible.
I have probably just blown your mind or you are probably full of skepticism. Hopefully these debugging techniques can make you a believer…
Step 1: Disable auto-reboot on a crash
Step 2: Create a memory dump rather than a mini crash dump. This will allow you to get more information from the dumps.
Step 3: Install Windows Debugger tools
Step 4: Set environment variable to automatically download symbols from the Microsoft symbol servers (WinDBG->Source Symbol Path->"srv*C:\symbols*http://msdl.microsoft.com/download/symbols")
Step 5: Open the crash dump file located in C:\Windows or C:\Windows\minidump\
Step 6: Run "!analyze -v" to get the list of drivers in the stack text. If the driver points to one of the Windows core system files (ntoskrnl.exe, win32k.sys, etc.), then you probably have to dig a little deeper.
Step 7: Additional helpful debug commands to run to find the culprit
Step7: Additional helpful debug commands to run to find the culprit
kv – Shows the stack of the current thread. Use it when the automatic analysis misdiagnoses the crash; look for suspicious drivers.
lm kv – Shows version information (dates, etc) of currently loaded drivers to find updates for.
!vm – Check pool usage (if close to maximum, then it's a leaky driver)
!thread – looks at currently running threads
!process 0 0 – summary level display of processes during crash
!irp <irp from IRP List from !thread> – Associates drivers with the thread (it's a hint to investigate)
!poolused (must be enabled on XP and earlier) – Use with Strings
!deadlock
Debugging mode (F8) – Use when no crash dump is created. You need to connect over USB (modify boot.ini) or serial from another system running WinDbg.
Windbg – File->Kernel Debug
Debug -> Break to connect to crashed system
.dump (saves dump information)
Hung system troubleshooting (computer freeze)
- Use crash on Ctrl+Scroll Lock+Scroll Lock (registry setting)
- Check the other processors on multiprocessor systems
lm kv <driver name from stack>
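A read-only check of the settings behind Steps 1, 2 and 5 and the hung-system tip, as an added example that is not part of the original post. It assumes the standard CrashControl, i8042prt and kbdhid registry locations; the function names are made up for this illustration.

```powershell
# Added example: read-only audit of crash-dump settings on the affected machine.
$crashKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
$dumpTypes = @{ 0 = 'none'; 1 = 'complete memory dump'; 2 = 'kernel memory dump';
                3 = 'small (mini) dump'; 7 = 'automatic memory dump' }

function Get-CrashDumpReadiness {            # hypothetical helper name
    $cc = Get-ItemProperty -Path $crashKey
    $findings = @()

    # Step 1: AutoReboot = 0 leaves the stop screen up instead of restarting.
    if ($cc.AutoReboot -ne 0) { $findings += 'AutoReboot is on: set AutoReboot to 0' }

    # Step 2: a mini dump (3) or no dump (0) limits what the debugger can show.
    $type = [int]$cc.CrashDumpEnabled
    $name = $dumpTypes[$type]; if (-not $name) { $name = 'unknown' }
    if (@(1, 2, 7) -notcontains $type) {
        $findings += "CrashDumpEnabled is ${type} ($name): use 1 (complete) or 2 (kernel)"
    }

    # Hung system: CrashOnCtrlScroll = 1 enables the keyboard-triggered crash.
    foreach ($svc in 'i8042prt', 'kbdhid') {   # PS/2 and USB keyboard drivers
        $key = "HKLM:\SYSTEM\CurrentControlSet\Services\$svc\Parameters"
        $p = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue
        if (-not $p -or $p.CrashOnCtrlScroll -ne 1) {
            $findings += "CrashOnCtrlScroll is not set for $svc"
        }
    }
    $findings
}

# Step 5: list the dumps already on disk, newest first.
function Get-CrashDumpFile {                 # hypothetical helper name
    $cc   = Get-ItemProperty -Path $crashKey
    $full = if ($cc.DumpFile)    { $cc.DumpFile }    else { '%SystemRoot%\MEMORY.DMP' }
    $mini = if ($cc.MinidumpDir) { $cc.MinidumpDir } else { '%SystemRoot%\Minidump' }
    $paths = @($full, "$mini\*.dmp") |
        ForEach-Object { [Environment]::ExpandEnvironmentVariables($_) }
    Get-ChildItem -Path $paths -ErrorAction SilentlyContinue |
        Sort-Object LastWriteTime -Descending |
        Select-Object FullName, LastWriteTime, Length
}

$issues = @(Get-CrashDumpReadiness)
if ($issues.Count) { $issues } else { 'Crash-dump settings match Steps 1 and 2.' }
Get-CrashDumpFile | Format-Table -AutoSize
```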
Have you ever wanted to make a backup of all your printers, their shares, the permissions for them, and the drivers on your print server? Well, Microsoft has a very useful tool that does this. Furthermore, it also does restores! I couldn't believe my eyes either! It's great for when you need to set up redundant print server configurations or when you are migrating print servers!
Here it is:
http://www.microsoft.com/WindowsServer2003/techinfo/overview/printmigrator3.1.mspx
What is malware and how do I get it?
Generally speaking, malware is malicious software designed to infiltrate a computer system without the owner knowingly allowing it to. Its intent is to perform devious acts on or using your computer. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software.
What are the symptoms?
Pop-ups, website redirection, network configuration changes, unresponsive computer, etc…
How did I get it?
The source is usually email, websites, pirated software downloads, P2P applications, fake video codecs, software exploits (e.g. Acrobat), etc… The typical scenario is a pop-up that asks you to download and install something. Once the download and install happens, the malware will take over the computer.
How do I protect myself?
Removal Tips:
Nowadays, every business is mobile, which means a VPN connection is most likely needed. The problem arises when clients travel to hotels or other countries, where firewall compatibility and configuration can cause connectivity issues. Fortunately, there is an answer for this: SSL VPNs. Since an SSL VPN connection is secure and allowed on almost all firewalls, remote users will have a much more reliable connection mechanism, no matter where they are. To top it off, SSL VPN (SSTP) is a feature natively bundled with Windows Server 2008. How cool is that?
How do SSL VPNs help?
Clients supported: Vista SP1+, Windows 7, Windows Server 2008
What are the high-level steps involved in setting up Windows Server 2008 SSL VPN connections (SSTP)?
How-To configure Windows 2008 for SSTP VPN
1. Install IIS on VPN server with all security settings marked for installation
2. Create a Certificate Request in IIS console
a. Make sure the common name is the actual Internet hostname clients will connect to (e.g. vpn.company.com)
3. Cut and Paste the certificate request into your SSL provider’s website
4. Install any Intermediary certificates and your SSL certificate per your SSL provider’s instructions (DO NOT bind the certificate to a website in IIS)
5. Install Routing and Remote Access
6. Load the Routing and Remote Access MMC and run the wizard to enable it (Select Custom -> VPN if you are using only 1 NIC)
8. Enable Dial-In access for the remote user’s AD account
9. Enable SSL connections (port 443) from the outside
10. Update DNS for the domain with the common name of the certificate
11. Test the SSL VPN connection by choosing SSTP in the vpn network connection properties
If the connection doesn’t work, make sure the proper certificate is bound, as follows:
1. Make sure the right certificate hash is bound (netsh http show ssl)
a. If necessary, delete and re-add the correct certificate binding…
1. Remove binding from IPv4 (netsh http delete ssl 0.0.0.0:443)
2. Remove binding from IPv6 (netsh http delete ssl [::]:443)
3. Delete registry entry for the hash (reg delete hklm\system\currentcontrolset\services\sstpsvc\parameters /v sha256certificatehash /f)
4. Add binding from IPv4 (netsh http add sslcert ipport=0.0.0.0:443 certhash=<replace with your cert hash> appid={ba195980-cd49-458b-9e23-c84ee0adcd75} certstorename=MY)
5. Add binding from IPv6 (netsh http add sslcert ipport=[::]:443 certhash=<replace with your cert hash> appid={ba195980-cd49-458b-9e23-c84ee0adcd75} certstorename=MY)
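The check in step 1 can be scripted before deleting anything. This is an added example, not part of the original post: it assumes English netsh output, uses vpn.company.com as a placeholder hostname, and assumes the registry value from step 3 holds the SHA-256 of the DER-encoded certificate.

```powershell
# Added example: run elevated on the RRAS/SSTP server. $VpnHost is a placeholder.
param([string]$VpnHost = 'vpn.company.com')

$sstpAppId = '{ba195980-cd49-458b-9e23-c84ee0adcd75}'  # appid from the netsh commands above
$regKey    = 'HKLM:\SYSTEM\CurrentControlSet\Services\SstpSvc\Parameters'

# Turn the text of `netsh http show sslcert` into one object per binding.
function Get-SslBinding {                    # hypothetical helper name
    $b = $null
    foreach ($line in (netsh http show sslcert)) {
        if ($line -match '^\s*IP:port\s*:\s*(\S+)') {
            if ($b) { $b }
            $b = New-Object psobject -Property @{ IpPort = $Matches[1]; Hash = ''; AppId = '' }
        } elseif ($b -and $line -match '^\s*Certificate Hash\s*:\s*([0-9a-fA-F]+)') {
            $b.Hash = $Matches[1].ToUpper()
        } elseif ($b -and $line -match '^\s*Application ID\s*:\s*(\{[^}]+\})') {
            $b.AppId = $Matches[1].ToLower()
        }
    }
    if ($b) { $b }
}

# The certificate clients should see: CN matches the VPN hostname, private key present.
$cn   = 'CN=' + [regex]::Escape($VpnHost) + '(,|$)'
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.HasPrivateKey -and $_.Subject -match $cn } |
    Sort-Object NotAfter -Descending | Select-Object -First 1
if (-not $cert) { throw "No certificate with a private key for $VpnHost in LocalMachine\My" }
if ($cert.NotAfter -lt (Get-Date)) { Write-Warning "Certificate expired on $($cert.NotAfter)" }

# Both listeners must carry that certificate's thumbprint (SHA-1) and the SSTP appid.
$bindings = @(Get-SslBinding)
foreach ($ipPort in '0.0.0.0:443', '[::]:443') {
    $b = $bindings | Where-Object { $_.IpPort -eq $ipPort }
    if (-not $b)                          { "$ipPort : no binding" }
    elseif ($b.Hash -ne $cert.Thumbprint) { "$ipPort : bound to $($b.Hash), expected $($cert.Thumbprint)" }
    elseif ($b.AppId -ne $sstpAppId)      { "$ipPort : right certificate, unexpected appid $($b.AppId)" }
    else                                  { "$ipPort : OK" }
}

# Assumption: the registry value holds the SHA-256 of the DER-encoded certificate.
$sha256 = [System.Security.Cryptography.SHA256]::Create()
$want   = [BitConverter]::ToString($sha256.ComputeHash($cert.RawData)) -replace '-', ''
$stored = (Get-ItemProperty $regKey -ErrorAction SilentlyContinue).Sha256CertificateHash
$have   = if ($stored) { [BitConverter]::ToString([byte[]]$stored) -replace '-', '' } else { '(not set)' }
if ($have -eq $want) { 'Sha256CertificateHash : OK' } else { "Sha256CertificateHash : $have, expected $want" }
```

A mismatch on either listener or on the registry value is the case the delete and re-add steps above are meant to fix; the thumbprint printed as "expected" is the value to use for certhash.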
Helpful links to configuring SSTP VPN:
As an IT Consultant, I often find myself mucking with the latest and greatest things before I would even consider recommending them to clients. The downside to this is the time spent during a Saturday afternoon trying to install Windows 7 Professional 64-bit on my home desktop. I was so impressed with the RC1 version that I wanted to deploy it to my single desktop (can’t be worse than Vista… heheh)
Apparently, Windows 7 is very picky about the hardware/hard drive/partition/MBR it’s installed on. When I ran the installation, my hard drive and the system partition would be displayed, but I could not get it to actually start the installation.
I tried the following, but to no avail:
Looking at the setup logs (Shift-F10 -> notepad \windows\panther\setupact.log), I saw a bunch of “not system disk”, “not primary partition”, “not enough space”, “not good enough” errors…
Finally, I tried to think outside of the box. I decided to repair my MBR and boot record the old-fashioned way. I booted off a Windows XP SP2 CD and ran the recovery console. Once in, I ran “fixmbr” and “fixboot”. I then rebooted into Windows 7 setup and was able to click Next to continue with the Windows 7 Professional installation.
Hopefully, this technique will work for most of you. If it still doesn’t work for you, try making sure there are no USB keys or any other storage devices connected when you install.