Man about town

Jeffs world, party time, excellent

Hi some random stuff of late…

Firstly, I had a head concussion, which is why I’ve been quiet lately…

I had a head concussion a year ago February. This article I wrote on my blog is about some recovery I did and some insights I think are worth sharing. The article is below. Enjoy!

Recovering from a concussion with music library

I have my old presentations up in a library on, you can find all the material at the site keenly named “Jeff’s Presentations“.

And now, it’s time to go to work.


How to trigger a full memory dump based on a user mode process exception

Scenario: You have something kernel related triggering crashes of user mode processes (you think). You are trying to prove it. You're told you need a full memory dump of the system at time of the crash of the user mode process.

How to do it?

Glad you asked! <edit>

(To back this out, delete the task. If something goes wrong and it boots in a crash loop, booting in safe mode should stop it too.)

Step .5: Logon with an administrative rights account.  🙂

Step 1: Follow KB969028 so you are configured properly for a full memory dump.

Step 2: Download NotMyFault from here. Unzip to C:\notmyfault. Unblock the exe and sys files (if needed) by right clicking and selecting properties then selecting "Un-block":

Step 3: Run task scheduler and select "Create Basic Task…" in the right Actions pane:

Step 4: Give your basic task a clever name. Mine is 'crashme'. Click next.

Step 5: Answer the radio button question with "When a specific event is logged". See where I'm going with this?

Step 6: Set Log to Application, Source to Application Error and Event ID to 1000, as seen below:

Select Next.

Step 7: Select Next as we want "Start a program" selected and it's the default.

Step 8: Browse to C:\notmyfault\x<your system architecture here>\NotMyFault.exe. Add /crash as your argument, and Start in should be "C:\notmyfault\<xwhatever>", as seen below for x64:

Select Next.

Step 9: Check the box to open the task properties and click Finish.

Step 10: Check the box "run with highest privileges" and on the Settings tab uncheck "Stop the task if it runs longer than" box and click Ok.

Step 11: Wait for your app to crash. Enjoy.
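Steps 3 through 10 can also be scripted. The PowerShell below is an added example, not code from the original post; it assumes the x64 folder, registers the task for the currently logged-on administrator, and first checks the Step 1 setting (CrashDumpEnabled = 1 means complete memory dump).

```powershell
# Added example (not the author's code). Run from an elevated PowerShell prompt.
$arch    = 'x64'                       # assumption: your architecture folder
$toolDir = "C:\notmyfault\$arch"
$exe     = Join-Path $toolDir 'NotMyFault.exe'

# Step 1 check: CrashDumpEnabled = 1 is "Complete memory dump".
$cc = Get-ItemProperty 'HKLM:\SYSTEM\CurrentControlSet\Control\CrashControl'
if ($cc.CrashDumpEnabled -ne 1) { throw 'Not configured for a full memory dump; do Step 1 first.' }

# Step 2 check: the tool is in place and the downloaded files are unblocked.
if (-not (Test-Path $exe)) { throw "NotMyFault not found at $exe" }
Get-ChildItem 'C:\notmyfault' -Recurse -File | Unblock-File

# Steps 5-10 as a task definition: event trigger, highest privileges, no time limit.
$user = [System.Security.Principal.WindowsIdentity]::GetCurrent().Name
$xml = @"
<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">
  <Triggers>
    <EventTrigger>
      <Enabled>true</Enabled>
      <Subscription>&lt;QueryList&gt;&lt;Query Id="0" Path="Application"&gt;&lt;Select Path="Application"&gt;*[System[Provider[@Name='Application Error'] and EventID=1000]]&lt;/Select&gt;&lt;/Query&gt;&lt;/QueryList&gt;</Subscription>
    </EventTrigger>
  </Triggers>
  <Principals>
    <Principal id="Author">
      <UserId>$user</UserId>
      <LogonType>InteractiveToken</LogonType>
      <RunLevel>HighestAvailable</RunLevel>
    </Principal>
  </Principals>
  <Settings>
    <ExecutionTimeLimit>PT0S</ExecutionTimeLimit>
  </Settings>
  <Actions Context="Author">
    <Exec>
      <Command>$exe</Command>
      <Arguments>/crash</Arguments>
      <WorkingDirectory>$toolDir</WorkingDirectory>
    </Exec>
  </Actions>
</Task>
"@

Register-ScheduledTask -TaskName 'crashme' -Xml $xml | Out-Null

# Back-out, as noted above: delete the task.
# Unregister-ScheduledTask -TaskName 'crashme' -Confirm:$false
```

Any Application Error event with ID 1000 fires this task, not only the process you are chasing, so remove the task as soon as you have your dump.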

Windows 10 VDI Optimization Script

Hello party people!

Dude here. Carl Luberti has worked some scriptastic magic on Windows 10 to make it a friendly (er) VM guest for VDI. Edit – non-persistent pooled VMs may have issues. Undocumented/untested/etc.

Twitter post is here  and includes a nice picture I took at Gibbs Gardens in North Georgia.

If you prefer to go straight to the meat and potatoes, the script is now hosted in GitHub:

Carl's VDI Repo

And what has the dude been listening to lately? What have I been up to, one might ask?

I fell in February actually and fractured my skull. I am recovering from a head concussion still and therefore don't have a lot of interesting things to report, other than, well, mistakes I make at work because I can't remember things?

Yay me?

Oh hey I did a VDI webinar with eGinnovations, you can see it here.

And check this out as well (not me but neat). Unidesk has some real magic to show you on VDI.

And what have I been listening to?

Right now, out of character for me, is Boz Scaggs and Duane Allman, singing Loan Me a Dime.

How To: Collect ETL/WPT tracing diagnostics when you can never logon to the host.

First, guess who's back?!

Me! I left Microsoft of my own accord last year. I came back. I wrote this about my experience, I hope you enjoy it.

There and back again, an IT tale…

Anyways, I was asked a few times recently, Dude, how do you collect an ETW trace for boot/logon if the machine never lets you logon? Is this a chicken/egg scenario?! We need the trace to find out why we never get to desktop, we can't get the trace because we can't get to desktop to stop it?!

Well friends, I'm here to say you can in fact collect your hard won trace!

For your problem node(s) just get a trace started. How if you can't logon to desktop? Easy, here are some options for you:

– Boot into Safe Mode with Networking and copy the Windows Performance Toolkit folder onto the troubled node.

Run Xbootmgr -trace boot -traceflags dispatcher+latency

If Safe Mode doesn't work:

– Boot up system. Don't logon. Copy WPT directory onto system.

PSExec / scheduled task as system / autoexec.bat the command (guess) "xbootmgr -trace boot -traceflags dispatcher+latency"

Now that the system has a xbootmgr trace and is shutting down and rebooting….

Wait to log on; when prompted, do so.

Wait 3-4 minutes.

– PSExec to the machine. xperf -d C:\directory\merge.etl

If psexec didn't work:

Set a scheduled task remotely, or locally in safe mode if that works, to run xperf -d C:\directory\merge.etl in some directory you made.

(tasks need to run in system context).
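The scheduled-task route for both halves of this procedure, as an added example that is not from the original post. The node name TROUBLED-PC, the C:\WPT copy location, the task names and the Start-SystemTask helper are all assumptions made for illustration; the two command lines are the ones given above.

```powershell
# Added example (not the author's code). Run from an admin workstation.
$node = 'TROUBLED-PC'   # placeholder: the node that never reaches the desktop
$wpt  = 'C:\WPT'        # assumption: where the Windows Performance Toolkit was copied

function Start-SystemTask {
    param([string]$ComputerName, [string]$TaskName, [string]$CommandLine)
    # /RU SYSTEM gives the system context the post calls for. /SC ONCE with a
    # start time of 00:00 (already past today) creates a task that only runs
    # when /Run fires it on demand.
    & schtasks.exe /Create /S $ComputerName /RU SYSTEM /TN $TaskName `
        /TR $CommandLine /SC ONCE /ST 00:00 /F
    if ($LASTEXITCODE -ne 0) { throw "Could not create $TaskName on $ComputerName" }
    & schtasks.exe /Run /S $ComputerName /TN $TaskName
    if ($LASTEXITCODE -ne 0) { throw "Could not start $TaskName on $ComputerName" }
}

# Phase 1: arm the boot trace; the system shuts down and reboots with tracing on.
Start-SystemTask $node 'wpt-start' "$wpt\xbootmgr.exe -trace boot -traceflags dispatcher+latency"

# Phase 2: attempt the logon on the node, wait the 3-4 minutes, then continue here.
Read-Host 'Press Enter to stop and merge the trace' | Out-Null
# C:\directory must already exist on the node ("some directory you made").
Start-SystemTask $node 'wpt-stop' "$wpt\xperf.exe -d C:\directory\merge.etl"

# Cleanup once merge.etl has been copied off the node:
# schtasks.exe /Delete /S $node /TN wpt-start /F
# schtasks.exe /Delete /S $node /TN wpt-stop /F
```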

Problems with this? Don't get it? Ask questions/comment please. I'm here, for you.


Today’s (Cloud) Tip…Performance Guidance for SQL Server in Windows Azure Virtual Machines

Post courtesy of Evan Basalik

One of the most resource intensive applications you can run on Windows is SQL Server. To some extent, this is demonstrated by the vast amounts of performance guidance and troubleshooting documents that exist all over the web. When running SQL Server in an Azure Virtual Machine (i.e., IaaS), there is one additional article you want to be sure to read. It was written and edited by a virtual who’s who of Windows performance, Azure performance and SQL Server performance. Even if you aren’t running SQL Server, but want to understand best how to build high performance Azure IaaS applications, this article has a wealth of knowledge.

Performance Guidance for SQL Server in Windows Azure Virtual Machines.

Authors: Silvano Coriani, Jasraj Dange, Ewan Fairweather, Xin Jin, Alexei Khalyako, Sanjay Mishra, Selcin Turkarslan

Technical Reviewers: Mark Russinovich, Brad Calder, Andrew Edwards, Suraj Puri, Flavio Muratore, Hanuma Kodavalla, Madhan Arumugam Ramakrishnan, Naveen Prakash, Robert Dorr, Roger Doherty, Steve Howard, Yorihito Tada, Kun Cheng, Chris Clayton, Igor Pagliai, Shep Sheppard, Tim Wieman, Greg Low, Juergen Thomas, Guy Bowerman, Evgeny Krivosheev

Editor: Beth Inghram

Summary: Developers and IT professionals should be fully knowledgeable about how to optimize the performance of SQL Server workloads running in Windows Azure Infrastructure Services and in more traditional on-premises environments. This technical article discusses the key factors to consider when evaluating performance and planning a migration to SQL Server in Windows Azure Virtual Machines. It also provides certain best practices and techniques for performance tuning and troubleshooting when using SQL Server in Windows Azure Infrastructure Services.

Another (Cloud) Tip…Federated vs. Managed Users

By Evan Basalik

Office 365 authentication has the concept of two types of users – federated and managed.

Federated users are ones for whose authentication Office 365 communicates with an on-premises federation provider (ADFS, Ping, etc.) that then talks to an on-premises authentication directory (i.e., Active Directory or other directories) to validate a user’s credentials. This authentication redirect is relatively transparent to the user other than the fact that they might see their organization’s federation sign-on page.

Managed users are cloud-only users and they only exist inside Windows Azure Active Directory. In this scenario, users log in via the Office 365 portal and provide credentials that are different than their on-premises credentials. In this scenario, some customers use Directory Synchronization (DirSync) to keep their on-premises users’ properties in sync with their on-premises directory, but don’t federate them.

Although there is less complexity with managed users, it does bring with it the need to remember another set of credentials except for the subset of customers who have adopted Password Synchronization. Those users leverage Password Synchronization to make sure the cloud and on-premises credentials are the same.

Today’s (Cloud) Tip… Same sign-on vs. Single sign-on

By Evan Basalik

Customers can leverage Directory Synchronization (DirSync) to keep their local Active Directory and Windows Azure Active Directory in sync. The DirSync application runs on a regular basis and copies on-premises attributes to Windows Azure Active Directory. Applications like ACS and Office 365 then use Azure Active Directory to validate users’ identity and attributes.
Historically, DirSync didn’t synchronize the user’s password. Instead, it leveraged the concept of managed or federated users to decide whether to use a local password or talk to a federation server. A recent update to DirSync added a new option – Password Synchronization (Password Sync). Password Sync allows DirSync to send up a hash of the user’s password hash (yes, it is a hash of a hash). This allows Azure Active Directory to authenticate users without having to talk to a federation server.
Talking to a federation server to validate credentials is called “single sign-on” since in theory users don’t have to re-enter their credentials if already logged in. “Same sign-on” means that the users will have to re-enter their credentials, but they can use the same exact credentials they use to sign on locally.
Same sign-on is a compromise. It is much easier to implement than federation and single sign-on, but it is not quite as seamless as single sign-on. In essence, it provides the simplicity of managed users while adding the convenience of end users not having to remember yet another set of credentials.

Shout out to ChriCas and StevTa for sanity checking today’s tip!

(Cloud) Tip Of The Day

This tip of the day is cloud yo!  Straight from Evan Basalik, a Senior Support Escalation Engineer!

Today’s (Cloud) Tip…Security of customer data in Office 365

We employ all of the following methods to secure customer data in Office 365:

1) Network segmentation to ensure physical separation of back-end services and devices from public-facing interfaces

2) BitLocker 256-bit AES Encryption for all email content at rest (i.e., on storage media)

3) Access to physical hardware is monitored and controlled by measures including badges and smart cards, biometric scanners, on-premises security officers, continuous video surveillance, and two-factor authentication

4) Our racks are seismically braced (I just think that is cool!)

5) Traffic Throttling to Prevent Denial of Service Attacks

6) Deleting unnecessary accounts automatically when an employee leaves, changes groups, or does not use the account prior to its expiration

The service is also certified by a number of independent compliance checks and validations such as:

1) ISO 27001

2) FISMA moderate Authority to Operate

3) HIPAA Business Association Agreement (BAA)

4) EU Model Clauses

5) Cloud Security Alliance (

See for all the details.

How to stand up a MediaWiki on Windows Server 2012 (10 easy steps with pictures)

Step 1.  Setup Windows Server 2012 (see my build a lab series for that if you don’t know how).

Step 2.  Patch it and name it blah blah.

Step 3.  Download Microsoft Web Platform 4.5:

Step 4.  Run it.


Step 5.  Click Database, then “MySQL Windows 5.1” and click “Add”


Step 6.  Click “Applications” and select “Wiki” on the left to sort it, then click “MediaWiki” and click “Add”.


Step 7.  Click “Install” and let ‘er rip!

Step 8.  Configure Password to a strong password.


Step 8.  Click Continue and then check the box, help the people who write code to get feedback on their installers, and hit “I Accept” (or don’t, that’s cool too, you still need to hit “I Accept”, but you don’t need to check the box).


Step 9.  Grab a drink and wait:




Filling in a pw here (pretty sure this should match what we put above, if not I’ll change it later):




After clicking finish it opens an IE 10 window to local host.  It looks like there was a bug where there were // instead of / after ‘localhost’ so I removed one and hit enter.  Then I got prompted to turn on “Intranet Security” as it was currently disabled on my 2012 Server (action bar at the bottom of the browser window).  After I did that I got this:


Step 10.  Do wiki stuff!  Share and enjoy!

-The Dude

Building up a learning lab based on Windows 8 and Hyper-V, Part VI

So in our previous installment, we were at Server Manager, ready to configure our pristine Domain Controller.  So let’s get to it!

First, click on “Local Server” on the left pane.


What do we notice in the image below?  Computer name is goofy so let’s fix it.


Click the hyperlink for the machine name, which brings up this interface below:

Clicking ok at that point rewards you with a reboot notice, click ok, then click ok again and restart.



So now when we logon again and select Local Server in Server Admin we get this view:


So let’s shift to the right and address some housekeeping items, by the way in your lab, probably ok to ignore this:


At least for now…

So in a LAB environment where I might be web browsing from a server to collect software to install, I turn off IE ESC:


and then maybe I turn on Automatic Windows Updates (depends on if I am testing updates or not)…


And apply some updates.  I do this before I enable the AD role, out of habit…


Install those patches and let it reboot.




So let it reboot, hit restart now.