From: umesh on
Hello,
I want to debug Windows Server 2008 SP2 through kernel debugging. I install
WinDbg 6.11.0001.401 x86 on my XP MAchine. I also install latest windows
symbols - Windows Server 2008 SP2 and Windows Vista SP2 x86 retail symbols,
all languages (File size: 281 MB - Most customers want this package) from URL

http://www.microsoft.com/whdc/devtools/debugging/symbolpkg.mspx#f

I connect serial cable from XP to Windows Server 2008. I also boot Windows
Server 2008 in Debug mode. I include symbol path
C:\Windows\Symbols;SRV*C:\websymbols*http://msdl.microsoft.com/download/symbols in WinDbg symbol path.

After that when i start my winDBG i could see following messages:

Waiting to reconnect...
Connected to Windows Server 2008/Windows Vista 6002 x86 compatible target at
(Tue Dec 29 12:41:23.096 2009 (GMT+5)), ptr64 FALSE
Kernel Debugger connection established.
Symbol search path is:
C:\Windows\Symbols;SRV*C:\websymbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
*** ERROR: Symbol file could not be found. Defaulted to export symbols for
ntkrpamp.exe -
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2.113)
MP (2 procs) Free x86 compatible
Product: LanManNt, suite: Enterprise TerminalServer SingleUserTS
Built by: 6002.16497.x86fre.lh_sp2beta.081017-1605
Machine Name:
Kernel base = 0x81806000 PsLoadedModuleList = 0x8191dc70
Debug session time: Wed Dec 30 03:13:59.160 2009 (GMT+6)
System Uptime: 0 days 0:03:22.862

When i try to run !process 0 0 command it gives me following error message

**** NT ACTIVE PROCESS DUMP ****
NT symbols are incorrect, please fix symbols

AFter enabling noisy mode i can see following messages


SYMSRV:
c:\websymbols\ntkrpamp.pdb\AEEB1BE58A54443F9937CB0F7CEFA9822\ntkrpamp.pdb not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.pdb/AEEB1BE58A54443F9937CB0F7CEFA9822/ntkrpamp.pdb not found
DBGHELP: c:\windows\symbols\ntkrpamp.pdb - file not found
DBGHELP: c:\windows\symbols\exe\ntkrpamp.pdb - mismatched pdb
DBGHELP: c:\windows\symbols\symbols\exe\ntkrpamp.pdb - file not found


My system is connected with network and is working properly.

Can anyone tell me where i am going wrong. I install everything and still
having no clue where could i go wrong.

As per messages it is clear that it could find right symbols but interesting
thing is even it could not download latest symbols from microsoft symbol
server - http://msdl.microsoft.com/download/symbols.

Can anyone help me.

Regards
vonny