Windows Server 2016 Datacenter - User mode crash dumps are created when 'run as administrator' - permissions settings?

jeffrey 1 Reputation point
2020-12-22T19:08:08.353+00:00

I have a test C++ application that I've used for years that will create a crash dump on memory access violation. When I run it as a user that is supposed to have elevated privileges, there's no crash dump file created and I get a "popup" Application Error dialog box (even though this should be disabled: DontShowUI is set to not show).

However, when I right-click on my test EXE and "run as administrator", there's no popup dialog box and it creates the dump file specified by the registry setting.

I've never encountered this before, but suspect it is a change in permissions. Where would the settings be that would affect this behavior? GPO? Local Security settings?

Windows API - Win32
Windows API - Win32
A core set of Windows application programming interfaces (APIs) for desktop and server applications. Previously known as Win32 API.
2,416 questions
C++
C++
A high-level, general-purpose programming language, created as an extension of the C programming language, that has object-oriented, generic, and functional features in addition to facilities for low-level memory manipulation.
3,525 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Drake Wu - MSFT 991 Reputation points
    2020-12-31T03:14:11.133+00:00

    Hi @jeffrey It seems that you only set Windows Error Reporting (WER) for your current user(HKEY_CURRENT_USER) , try to use the HKEY_LOCAL_MACHINE registry key: https://learn.microsoft.com/en-us/windows/win32/wer/wer-settings

    If the answer is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  2. jeffrey 1 Reputation point
    2021-01-07T19:15:05.987+00:00

    The crash dump settings were made under the HKEY_LOCAL_MACHINE, not the "user". This is where they've been set on the previous server version (2008R2); current server is 2016. Under the user that is having this issue with the crash dumps, if I try to access regedit from a normal command prompt, it says 'access denied'. I can access regedit under the same user by launching an admin command prompt. I do not recall if the behavior was the same on 2008R2.

    the settings are as follows. Again, it will create the dump if I run the test EXE as admin, bit no dump file is created if run 'normally'.

    54551-local-dump-settings.png

    54542-wer-settings.png