Windows server 2008 R2 - Internals

Posted on 2012-08-30
Last Modified: 2012-10-03
MemoryI am interested in digging deeper on the internals of Windows server 2008 R2:  
non-page memory, threads, processes etc.

I have bought the Sys Internal books but they are bit over my head.

Any suggestions on how to decipher like:  kernel memory -  nonpaged ,etc
Picture attached.
Question by:techgenious
    LVL 11

    Expert Comment


    Author Comment

    Tried that also
    LVL 11

    Accepted Solution

    Not sure what you are asking here but here goes :-

    Non-Paged memory will host threads from programs which cannot be swapped out of memory - they have to be continuously loaded in memory. Kernel mode drivers are an example of this.

    Paged memory will host threads of programs which can be paged or swapped out to page file when not in active use.

    You can use talk manager to show the individual threads for each of these catagories (view-columns-select the two columns to display).

    The following is from here :-

    A process handle is an integer value that identifies a process to Windows. The Win32 API calls them a HANDLE; handles to windows are called HWND and handles to modules HMODULE.

    Threads inside processes have a thread handle, and files and other resources (such as registry keys) have handles also.

    The handle count you see in Task Manager is "the number of object handles in the process's object table". In effect, this is the sum of all handles that this process has open.

    If you do not release your handle to a resource, other people may not be able to access it - this is why you sometimes cannot delete a file because Windows claims it is in use (check out this article on handle leaks and Process Explorer).

    Also, there is a per-process limit on various handles. Here is an example.

    In general, if you are opening handles and not closing them, it is analogous to leaking memory. You should figure out what is going on and fix it.

    Not sure what else you want to know ?

    Author Comment

    That helps alot, are there any  books that explain simple and helps with tools.

    The sys internal books right now are over my head.

    Author Comment

    I've requested that this question be closed as follows:

    Accepted answer: 0 points for wynnie2's comment #a38351874

    for the following reason:

    great answer

    Featured Post

    Too many email signature updates to deal with?

    Are you constantly visiting users’ desks making changes to email signatures? Feel like it’s taking up all of your time? Wish you could manage all signatures from one central location, easily design them and deploy them quickly to users? Well, there is an easy way!

    Join & Write a Comment

    Recently, I was asked to look into SCCM 2007 by my employer, having a degree of experience of earlier versions of SMS and some previous SCCM knowledge I didn't expect the procedure to involve to much time. I read a number of guides concerning it…
    Normally after a failure of Domain Controller, when promoting new DC the DC is renamed, we will discuss the options in Dcpromo to re-create the DC with the same name. Scenario: You are a small IT shop with two Domain Controllers (Domain Contr…
    This tutorial will walk an individual through the steps necessary to configure their installation of BackupExec 2012 to use network shared disk space. Verify that the path to the shared storage is valid and that data can be written to that location:…
    This tutorial will give a short introduction and overview of Backup Exec 2012 and how to navigate and perform basic functions. Click on the Backup Exec button in the upper left corner. From here, are global settings for the application such as conne…

    746 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    15 Experts available now in Live!

    Get 1:1 Help Now