The ADPlus method of creating dumps is still valid after Windows Server 2003, however there is an easier way to have the OS create the same data which was introduced in Windows Vista…
For processes that are hung or consuming lots of CPU time, you can use Task Manager to create hang mode dumps – on the Processes tab you simply right-click on the process and from the context menu select “Create Dump File” and wait for the message to appear telling you where the dump was created.
Just like ADPlus in hang mode, this does not terminate the process – the threads are suspended whilst a copy of the process’ user-mode virtual address space is dumped to disk, then they are resumed.
Is there a Dr (Watson) in the house?
Windows Error Reporting (WER) has replace Dr Watson as the default user-mode post mortem debugger, and it is configured through the registry (or group policy).
Here are example registry values to make WER retain up to 25, complete application crash dumps in C:\Dumps:
Path: HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\Windows Error Reporting
Name: DumpCount Type: REG_DWORD Data: 25
Name: DumpType Type: REG_DWORD Data: 2
Name: DumpFolder Type: REG_EXPAND_SZ Data: C:\Dumps
After rebooting, when an application crashes you know exactly where to look for the dump files.