╔═══════════════════════════════════════
║ Instructions - Debugging - Global Flags
┌───────────────────────────────────────
│ Plainspeak
Global Flags lets you apply kernel-mode and user-mode process-specific settings for in-depth troubleshooting. Global Flags is included with the Windows SDK. You can apply the settings you specify from either its GUI or the command line.
┌───────────────────────────────────────
│ References
• Global Flags
• Windows SDK and emulator archive
• Wikiwand - Microsoft Windows SDK
• Operating System Version
• User Account Control
┌───────────────────────────────────────
│ Acquire
• Determine the latest Windows SDK whose components are compatible with the target OS:
· Typically a Windows SDK is compatible with an OS version one downlevel from the OS version the Windows SDK targets.
· e.g. the Windows 8.1 SDK is largely compatible with Windows 6.1, and the Windows 10 SDK 1507 is largely compatible with Windows 8.1.
· However, individual components within the Windows SDK may not be downlevel compatible.
· e.g. Windows Performance Toolkit may not be downlevel compatible.
· Windows SDK and emulator archive
• Install the Windows SDK component: Debugging Tools for Windows
• PSPRO recommends installing the following Windows SDK components:
· Application Verifier for Windows
· Debugging Tools for Windows
· Windows Performance Toolkit
• Compile a list of 'Global Flags' settings that will be configured for your investigation.
┌───────────────────────────────────────
│ Configure
• Open the window 'Global Flags':
· x86: Windows Button | Windows Kits | Global Flags
· x64: Windows Button | Windows Kits | Global Flags (X64)
· The window 'User Account Control' will appear.
· Click: OK
· The window 'User Account Control' will close.
· The window 'Global Flags' will appear.
┌───────────────────────────────────────
│ Process Monitoring
• If user mode process monitoring for particular processes is appropriate:
· In the window 'Global Flags':
· Click the tab: Image File
· In the dialog box 'Image: (TAB) to refresh', enter: <processname>
· Where "<processname>" is a process name.
· A fully-qualified pathname is not supported.
· Press: <Tab>
· Select the various options appropriate for the process.
· Click: OK
· The window 'Global Flags' will close.
· Reboot or restart the configured process.
┌───────────────────────────────────────
│ Object Reference Tracing
• If kernel object reference tracing is appropriate:
· In the window 'Global Flags':
· If monitoring one or more pool tags is appropriate:
· Click the tab: System Registry
· Locate the section: Object Reference Tracing
· Click: Enable
· Click: Permanent
· In the field 'Pool Tags', enter: <pooltag1;pooltag2;pooltag3>
· Where <pooltag1;pooltag2;pooltag3> is a list of pool tags separated by semicolons.
· If monitoring one or more process names is appropriate:
· Click the tab: System Registry
· Locate the section: Object Reference Tracing
· Click: Enable
· Click: Permanent
· In the field 'Process', enter: <processname>
· Where "<processname>" is a process name.
· A fully-qualified pathname is not supported.
· Click: OK
· The window 'Global Flags' will close.
· Reboot.
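The settings made on the 'Image File' and 'System Registry' tabs stay in the registry after the investigation ends, so it helps to list what is currently configured before and after the work. The PowerShell below is an added example, not part of the original PSPRO instructions. It reads the per-image GlobalFlag values under 'Image File Execution Options' and the system-wide GlobalFlag under 'Session Manager', and decodes a subset of well-known flag bits. That Object Reference Tracing settings appear as ObTrace* values under 'Session Manager\Kernel' is an assumption, and the helper names are hypothetical.

```powershell
# Added example (not from the original instructions): report Global Flags
# settings currently stored in the registry. Run from an elevated prompt.

# Subset of well-known flag bits; any other bits are reported as hex.
$FlagNames = @{
    0x00000001 = 'soe (stop on exception)'
    0x00000002 = 'sls (show loader snaps)'
    0x00000010 = 'htc (heap tail checking)'
    0x00000020 = 'hfc (heap free checking)'
    0x00000040 = 'hpc (heap parameter checking)'
    0x00000100 = 'vrf (application verifier)'
    0x00000400 = 'ptg (pool tagging)'
    0x00001000 = 'ust (user mode stack trace database)'
    0x00004000 = 'otl (maintain object type list)'
    0x02000000 = 'hpa (page heap)'
}

function ConvertTo-FlagList($Raw) {
    # REG_DWORD arrives as signed Int32; mask it to an unsigned 32-bit value.
    $value = [int64]$Raw -band [uint32]::MaxValue
    $known = [int64]0
    $names = @(foreach ($bit in ($FlagNames.Keys | Sort-Object)) {
        if ($value -band $bit) { $FlagNames[$bit]; $known = $known -bor $bit }
    })
    if ($value -ne $known) { $names += 'other bits 0x{0:X8}' -f ($value -bxor $known) }
    '0x{0:X8}: {1}' -f $value, ($names -join ', ')
}

function New-Row($Scope, $Name, $Setting) {
    [pscustomobject]@{ Scope = $Scope; Name = $Name; Setting = $Setting }
}

# 'Image File' tab: one subkey per process name (no path), value GlobalFlag.
$ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
Get-ChildItem $ifeo -ErrorAction SilentlyContinue | ForEach-Object {
    $raw = $_.GetValue('GlobalFlag')
    if ($null -ne $raw) { New-Row 'Image File' $_.PSChildName (ConvertTo-FlagList $raw) }
}

# 'System Registry' tab: system-wide GlobalFlag, applied at the next boot.
$sm  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager'
$raw = (Get-ItemProperty $sm -ErrorAction SilentlyContinue).GlobalFlag
if ($null -ne $raw) { New-Row 'System Registry' '(system-wide)' (ConvertTo-FlagList $raw) }

# Assumption: Object Reference Tracing is stored as ObTrace* values under ...\Kernel.
$kernel = Get-ItemProperty "$sm\Kernel" -ErrorAction SilentlyContinue
if ($kernel) {
    $kernel.PSObject.Properties | Where-Object Name -like 'ObTrace*' |
        ForEach-Object { New-Row 'Object Reference Tracing' $_.Name "$($_.Value)" }
}
```

Compare the output with the list of settings compiled in the 'Acquire' step; any row that is not on that list is a setting left over from earlier work or changed by something else.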
┌───────────────────────────────────────
│ Credits
Any externally referenced material in this document is hyperlinked. Authors responsible for referenced work should be sought through the reference(s) listed.
I am Christopher Etter, a Professional Services consultant.
Because you are using this, I welcome you as my customer. These documents are free for you to use. I work diligently to serve you with material such as this. I would appreciate it if PSPRO (professionalservices.pro), my name, and this 'Credits' section remain attached to this work so that I accrue name recognition via your success and peer recommendation. Thank you very much, and I hope this document helps you solve your current information technology issue!