drwtsn32.exe C:\Documents and Settings\All Users\Application Data\Microsoft\Dr Watson 10 10 Mini and only Create Crash Dump File --- http://support.citrix.com/article/CTX107528 Symptoms Sometimes it's difficult to capture a user dump inside a terminal session because Dr. Watson doesn't work as the default debugger. Cause This is probably caused by security permissions in Windows 2003. Resolution 1. Install latest Debugging Tools for Windows: http://www.microsoft.com/whdc/devtools/debugging/default.mspx 2. Set WinDbg as a default debugger by executing the following command: WinDbg -I Note that I must be capitalized. 3. Create a folder where the dump must be stored and give it full control permissions for users or remote desktop users. For this example, c:\TEMP folder is used. 4. Inspect the following key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug For example, it has the following value: "C:\Program Files\Debugging Tools for Windows\windbg.exe" -p %ld -e %ld -g Take the current key value and append the following string: -c '.dump /o /f c:\TEMP\new.dmp; q' -Q -QS -QY -QSY The new key should have the following value: "C:\Program Files\Debugging Tools for Windows\windbg.exe" -p %ld -e %ld -g -c '.dump /o /f c:\TEMP\new.dmp; q' -Q -QS -QY -QSY 5. Whenever there is an exception inside a session, a dump will be stored in the TEMP folder. Note: The previously stored dump will be overwritten. 6. You can use this technique with other debuggers from the Debugging Tools suit. For their command line options, check the debugger.chm help file. Note: On some operating systems such as Windows 2003, Windows XP and later you can use /ma switch instead of /f switch to save additional debugging information such as handle data and thread time information: "C:\Program Files\Debugging Tools for Windows\windbg.exe" -p %ld -e %ld -g -c '.dump /o /ma c:\TEMP\new.dmp; q' -Q -QS -QY -QSY If the dump is still not generated, try to enable detailed process tracking in your local security policy, then look for process creation events in the security event log to see if the postmortem debugger is launched. More Information If you don't want to install Debugging Tools for Windows you can use an existing debugger on your system: NTSD. Refer to CTX105888 How to Set NTSD as a Default Windows Postmortem Debugger.