Re: Ntbackup Windows 2003 SP1 issue (VSS/Security)
From: Roger Abell (mvpNOSpam_at_asu.edu)
Date: 05/08/05
- Next message: Steve: "Windows Server 2003 Security issue"
- Previous message: Joe Richards [MVP]: "Re: Delegating admin roll"
- In reply to: workinghard_at_news.postalias: "Ntbackup Windows 2003 SP1 issue (VSS/Security)"
- Next in thread: workinghard_at_news.postalias: "Re: Ntbackup Windows 2003 SP1 issue (VSS/Security)"
- Reply: workinghard_at_news.postalias: "Re: Ntbackup Windows 2003 SP1 issue (VSS/Security)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 8 May 2005 08:27:27 -0700
Is the domain account VLM\ntbackupaccount a member of
the Users group on the machine where the access is throwing
an error? The accesses requested from services.exe are not
anything excessive.
--
Roger Abell
Microsoft MVP (Windows Security)
MCSE (W2k3,W2k,Nt4) MCDBA
<workinghard@news.postalias> wrote in message
news:%23gXHvL7UFHA.3240@TK2MSFTNGP10.phx.gbl...
> Hello,
>
> Since installing Windows 2003 SP1 on our servers we get following errors
> during an NT backup (see lower). I believe this is a permission problem
and
> I wil try to give the Backup Operators group admin right as a test,
propably
> just read & execute rights on the services.exe might be enough ... Is
there
> anything known about this issue? Thx in advance.
>
> Application log:
>
> Volume Shadow Copy Service error: Unexpected error OpenService
> (shSCManager, 'VSS', SERVICE_QUERY_STATUS). hr = 0x80070005
>
>
> And in the security log:
>
> Event Type: Failure Audit
> Event Source: Security
> Event Category: Object Access
> Event ID: 560
> Date: 5/8/2005
> Time: 11:23:24 AM
> User: MYDOMAIN\NTBACKUPACCOUNT
> Computer: AOCSRV25
> Description:
> Object Open:
> Object Server: SC Manager
> Object Type: SC_MANAGER OBJECT
> Object Name: ServicesActive
> Handle ID: -
> Operation ID: {0,20193990}
> Process ID: 464
> Image File Name: C:\WINDOWS\system32\services.exe
> Primary User Name: AOCSRV25$
> Primary Domain: VLM
> Primary Logon ID: (0x0,0x3E7)
> Client User Name: ntbackupaccount
> Client Domain: VLM
> Client Logon ID: (0x0,0x12DE8A4)
> Accesses: READ_CONTROL
> Connect to service controller
> Enumerate services
> Query service database lock state
>
> Privileges: -
> Restricted Sid Count: 0
> Access Mask: 0x20015
>
>
>
>
>
- Next message: Steve: "Windows Server 2003 Security issue"
- Previous message: Joe Richards [MVP]: "Re: Delegating admin roll"
- In reply to: workinghard_at_news.postalias: "Ntbackup Windows 2003 SP1 issue (VSS/Security)"
- Next in thread: workinghard_at_news.postalias: "Re: Ntbackup Windows 2003 SP1 issue (VSS/Security)"
- Reply: workinghard_at_news.postalias: "Re: Ntbackup Windows 2003 SP1 issue (VSS/Security)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
