Re: Ntbackup Windows 2003 SP1 issue (VSS/Security)

workinghard_at_news.postalias
Date: 05/08/05

  • Next message: Joel D. Kraft: "Slow NTFS Permission Application" 
    Date: Sun, 8 May 2005 17:55:14 +0200

    Hello Roger,

    It's a "normal" domain account, member of a domain global group for backups
    that's in a domain local group for backups wich I add to every server's
    backup operators group and that is used to grant permissons to the shares
    where the backups are written to. I did not remove it from the domain users
    group and the domain users groups is a memeber of the local users group on
    the servers. The ntbackupaccount is on all servers used to run the scheduled
    backups (scripted). This all works fine those 2 errors appeard after
    deploying SP1. The only other issue we had with SP1 was SUS failing becuase
    the NETWRORK acount did not have adequate permissons on certain web folders
    after installing SP1, grnating access solved the issue there.

     Thx for your response, i'll let you know my future findings

    "Roger Abell" <mvpNOSpam@asu.edu> wrote in message
    news:ODNO4H%23UFHA.3944@tk2msftngp13.phx.gbl...
    > Is the domain account VLM\ntbackupaccount a member of
    > the Users group on the machine where the access is throwing
    > an error? The accesses requested from services.exe are not
    > anything excessive.
    >
    > --
    > Roger Abell
    > Microsoft MVP (Windows Security)
    > MCSE (W2k3,W2k,Nt4) MCDBA
    > <workinghard@news.postalias> wrote in message
    > news:%23gXHvL7UFHA.3240@TK2MSFTNGP10.phx.gbl...
    >> Hello,
    >>
    >> Since installing Windows 2003 SP1 on our servers we get following errors
    >> during an NT backup (see lower). I believe this is a permission problem
    > and
    >> I wil try to give the Backup Operators group admin right as a test,
    > propably
    >> just read & execute rights on the services.exe might be enough ... Is
    > there
    >> anything known about this issue? Thx in advance.
    >>
    >> Application log:
    >>
    >> Volume Shadow Copy Service error: Unexpected error OpenService
    >> (shSCManager, 'VSS', SERVICE_QUERY_STATUS). hr = 0x80070005
    >>
    >>
    >> And in the security log:
    >>
    >> Event Type: Failure Audit
    >> Event Source: Security
    >> Event Category: Object Access
    >> Event ID: 560
    >> Date: 5/8/2005
    >> Time: 11:23:24 AM
    >> User: MYDOMAIN\NTBACKUPACCOUNT
    >> Computer: AOCSRV25
    >> Description:
    >> Object Open:
    >> Object Server: SC Manager
    >> Object Type: SC_MANAGER OBJECT
    >> Object Name: ServicesActive
    >> Handle ID: -
    >> Operation ID: {0,20193990}
    >> Process ID: 464
    >> Image File Name: C:\WINDOWS\system32\services.exe
    >> Primary User Name: AOCSRV25$
    >> Primary Domain: VLM
    >> Primary Logon ID: (0x0,0x3E7)
    >> Client User Name: ntbackupaccount
    >> Client Domain: VLM
    >> Client Logon ID: (0x0,0x12DE8A4)
    >> Accesses: READ_CONTROL
    >> Connect to service controller
    >> Enumerate services
    >> Query service database lock state
    >>
    >> Privileges: -
    >> Restricted Sid Count: 0
    >> Access Mask: 0x20015
    >>
    >>
    >>
    >>
    >>
    >
    >

  • Next message: Joel D. Kraft: "Slow NTFS Permission Application"

    Relevant Pages

    • Re: securitygroup member of distribution group
      ... "Protecting the world from PSTs and brick backups!" ... Can I make a securitygroup member of a distributioin ... So if I mail the distributiongroup every member of the ...
      (microsoft.public.exchange.admin)
    • Backups with Wheel Group
      ... I am currently doing backups as a user who is a member of the wheel group. ... Should I definitely be doing backups as a root user? ...
      (comp.unix.bsd.openbsd.misc)
    • Quantcast