Share via


How do you track down where an MSMQ message has come from?

May sound like a strange question but what if you have many clients spread around the world sending messages and one machine starts chucking out rubbish for some unknown reason. If there is nothing uniquely identifiable in the message title or body then it can be hard to track down the culprit.

On approach is to add some extra columns to the "Queue messages" view in Computer Management.

The Source Computer value is the Queue Manager ID (QMID) and is found in the registry (HKLM\SOFTWARE\Microsoft\MSMQ\Parameters\MachineCache\QMID)
of the sending machine. This value should be unique but I have seen customers that use cloning where it isn't.

The Sender ID is the user account SID. If the value is not a well-known SID then you will need to use some utility to convert it to a username.
Note that the SID is either in the domain security database or the local machine security database, depending on what account is being used.

Comments

  • Anonymous
    September 27, 2010
    How can you look in the registry of the sending machine when you are trying to determine the name of the sending machine? "... some utility to convert"   What utility?