=====
SymptomsWhen you run the SCOExpressWriter /register command you may receive the following error message:
Retrieve SQL Server and DB Name from settings.dat file.
Unregister writer (if it exists).
Registering dependency on SQL VSS Writer.
SQLServer: orchestrator-sql, LogicalPath: \\orchestrator-sql\orchestrator-sql, Database:Orchestrator
Failed to create and register Orchestrator Express Writer.
Event ID 8213 will also be logged in Application event log:
Log Name: Application
Source: VSS
Date:
Event ID: 8213
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: NsxSrv.nsx.domain.local
Description:
Volume Shadow Copy Service error: The process that hosts the writer with name IVssExpressWriter and ID {00000000-0000-0000-0000-00000000-0000} does not run under a user with sufficient access rights. Consider running this process under a local account which is either Local System, Administrator, Network Service, or Local Service.
This problem can occur if the user executing the command does not have proper permission to run VSS requester.
Resolution
To resolve this issue, complete the steps below:
1. Check the details of the event 8213 and find the name of the user. In this case "NSX\administrator" is the name of the user.
=========================
In Bytes
0000: 2D 20 43 6F 64 65 3A 20 - Code:
0008: 57 53 48 56 57 52 54 43 WSHVWRTC
0010: 30 30 30 30 30 35 38 34 00000584
0018: 2D 20 43 61 6C 6C 3A 20 - Call:
0020: 57 53 48 56 57 52 54 43 WSHVWRTC
0028: 30 30 30 30 30 35 36 36 00000566
0030: 2D 20 50 49 44 3A 20 20 - PID:
0038: 30 30 30 30 34 30 30 34 00004004
0040: 2D 20 54 49 44 3A 20 20 - TID:
0048: 30 30 30 30 34 30 30 38 00004008
0050: 2D 20 43 4D 44 3A 20 20 - CMD:
0058: 53 43 4F 45 78 70 72 65 SCOExpre
0060: 73 73 57 72 69 74 65 72 ssWriter
0068: 2E 65 78 65 20 20 2F 72 .exe /r
0070: 65 67 69 73 74 65 72 20 egister
0078: 2D 20 55 73 65 72 3A 20 - User:
0080: 4E 61 6D 65 3A 20 4E 53 Name:
NS
<----
0088: 58 5C 61 64 6D 69 6E 69
X\admini
<----
0090: 73 74 72 61 74 6F 72 2C
strator
,
<----
0098: 20 53 49 44 3A 53 2D 31 SID:S-1
00a0: 2D 35 2D 32 31 2D 33 30 -5-21-30
00a8: 35 31 30 37 38 39 35 35 51078955
00b0: 2D 31 32 35 38 35 32 39 -1258529
00b8: 37 35 33 2D 32 31 39 32 753-2192
00c0: 32 36 36 33 37 2D 35 30 26637-50
00c8: 30 20 20 20 20 20 20 20 0
=========================
2. Open Regedit and navigate to the following key:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\VssAccessControl
3. Create a reg key below:
Value type : DWORD
Value name : the name of the user including domain name (ex: NSX\administrator)
Value : 1
4. Restart the Volume Shadow Copy service.
More informationYou may receive an event ID 8230 warning like the one below after registering the writer:
Log Name: Application
Source: VSS
Date: 6/7/2012 7:57:16 PM
Event ID: 8230
Task Category: None
Level: Warning
Keywords: Classic
User: N/A
Computer: NsxSrv.nsx.domain.local
Description:
Volume Shadow Copy Service error: Failed resolving account administrator with status 1376. Check connection to domain controller and VssAccessControl registry key.
Error-specific details:
Error: NetLocalGroupGetMemebers(administrator), 0x80070560, The specified local group does not exist.
This warning is generated because the VSS writer runs under the context of a domain user account. This warning can be safely ignored.
ReferencesThe meaning of VssAccessControl is described in this site:
Security Considerations for Requesters: http://msdn.microsoft.com/en-us/library/aa384604(VS.85).aspx ( http://msdn.microsoft.com/en-us/library/aa384604(VS.85).aspx )
"In these cases, the HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\VssAccessControl registry key must be modified to instruct VSS that a specified user is safe to run a VSS requester."
The
SCOExpressWriter
command-line utility registers an Orchestrator database as a component associated with the Orchestrator management server. This association instructs DPM to back up the Orchestrator database when it performs a backup of the management server.
http://technet.microsoft.com/en-us/library/hh852622.aspx
=====
For the most current version of this article please see the following:
2736842 - Running the Orchestrator "SCOExpressWriter.exe /register" command fails with "Failed ...
J.C. Hornbeck | System Center & Security Knowledge Engineer
Get the latest System Center news on Facebook and Twitter :
App-V Team blog:
http://blogs.technet.com/appv/
ConfigMgr Support Team blog:
http://blogs.technet.com/configurationmgr/
DPM Team blog:
http://blogs.technet.com/dpm/
MED-V Team blog:
http://blogs.technet.com/medv/
Orchestrator Support Team blog:
http://blogs.technet.com/b/orchestrator/
Operations Manager Team blog:
http://blogs.technet.com/momteam/
SCVMM Team blog:
http://blogs.technet.com/scvmm
Server App-V Team blog:
http://blogs.technet.com/b/serverappv
Service Manager Team blog:
http://blogs.technet.com/b/servicemanager
System Center Essentials Team blog:
http://blogs.technet.com/b/systemcenteressentials
WSUS Support Team blog:
http://blogs.technet.com/sus/
The Forefront Server Protection blog:
http://blogs.technet.com/b/fss/
The Forefront Endpoint Security blog :
http://blogs.technet.com/b/clientsecurity/
The Forefront Identity Manager blog :
http://blogs.msdn.com/b/ms-identity-support/
The Forefront TMG blog:
http://blogs.technet.com/b/isablog/
The Forefront UAG blog:
http://blogs.technet.com/b/edgeaccessblog/