Can WER produce dumps similar to .dump /ma

My impression is that dumps produced my winDbg

.dump /ma

contains more than just a full dump

Configuring WER explains DumpType 0: Custom dump CustomDumpFlags bitwise combination of MINIDUMP_TYPE But what hex value gives dumps similar dumps as .dump /ma

All the bit combinations are a bit overwhelming for me.

Solution

WinDbg's .dump /ma saves the dump with these flags:

Flags           41826
                0002 MiniDumpWithFullMemory
                0004 MiniDumpWithHandleData
                0020 MiniDumpWithUnloadedModules
                0800 MiniDumpWithFullMemoryInfo
                1000 MiniDumpWithThreadInfo
                40000 MiniDumpWithTokenInformation

You can verify this by opening the crash dump file in WinDbg and issuing the (undocumented) .dumpdebug command.

So you will want to specify 41826 (hex) or 268326 (decimal) in the CustomDumpFlags registry key.

Observing the default process heap getting created (breakpoint on heap creation)
How to switch from non-invasive attach to invasive?
.NET Core application deadlocks when reading stdout and stderr from a child process - how to troubleshoot using WinDBG?
WINDBG: Display dump file capture flags
Could not find the ... dump file, Win32 error 0n87 when opening SYS
Are there any WinDBG replacements with a better GUI?
No stack when creating "kernel" dump with procdump -mk
Provide symbol server auth to windows debugger
How to set up symbols in WinDbg?
How to see managed exception details in WinDBG?
Find address of C++ static class member using WinDbg
Confusion over CPSR register for Aarch64: how to read it and encoding of the "ARM processor mode"
Why can't Windbg's SOS extension give me Syncblock data?
Setting a breakpoint on CreateFile() API in WinDbg
Debuggers don't kick in when application crashes
Unable to set a bp on LoadLibraryW
WinDbg: Couldn't resolve error at xyz!abc::func while setting breakpoint
TTD fails to do selective recording of multiple modules
How to debug a windows driver with IDA and use its corresponding IDB?
What is the location for windbg Preview in windows 10?And how to rename a project name in visual studio 2019?
How to do hybrid user-mode/kernel-mode debugging?
How do I get CDB to display the value of a std::filesystem::path?
How do I get CDB to show source lines for Microsoft’s C++ Standard Library?
How do I use a remote Linux system to debug an application that’s running on Windows?
After modifying msr[lstar], why the expected breakpoint cannot be hit?
Debugging Windows kernel on a Microsoft Azure platform virtual machine
what does windbg command "d esp" exactly do?
SOS does not support the current target architecture
How to use WinDbg to analyze the crash dump for VC++ application?
What are possible GDI objects that would be leaked but not enumerated as a known GDI object type?