Fixing Volume Shadow Copy (VSS) Error with Event ID 8193

The monitoring system on certainly one of my servers working Windows Server 2016 began sending a number of messages of the Volume Shadow Copy Service error with the Event ID 8193 and VSS as a supply. The full error description within the Event Viewer (Application log) seems to be like this:

Volume Shadow Copy Service error: Unexpected error calling routine RegOpenKeyExW (-2147483646, SYSTEMCurrentControlSetServicesVSSDiag,...).  hr = 0x80070005, Access is denied.
Initializing Writer
%MINIFYHTMLb5bdc426b817a5035bf92ebd42cdf8ae5%Writer Class Id: 
Writer Name: System Writer
Writer Instance ID: 

EventID 8193 VSS - Volume Shadow Copy Service error

At the identical time, the server is working fantastic, and there have been no seen issues with the companies or apps. There have been no errors within the listing of VSS modules for the occasion ID of .

vss listing writers

vss system writer

VSS EventID 8193 is a recognized error that’s typically associated to the set up of the DHCP position on a server working Windows Server 2008 (or newer) ensuing within the Network Service account dropping the permissions on the registry key HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesVSSDiag.

The drawback is expounded to the set up of the VSS module – DHCP Jet Writer, which is chargeable for right shadow copy creation of the DHCP service. This VSS module modifications permissions on the desired registry key throughout set up.

To repair this error, you must manually grant the Full Control permission for Network Service on the desired key.

  1. Run the Registry Editor (regedit.exe);
  2. Go to the registry key HKLMSYSTEMCurrentControlSetservicesVSSDiag and open its permissions (Permissions possibility within the context menu);
  3. Find Network Service within the listing and assign the Full Control permissions. HKLMSYSTEMCurrentControlSetservicesVSSDiag registry permissions

Instead of enhancing the registry manually, it could be extra right to revive the default permissions on the registry key utilizing a particular command CLI instrument – SubInACL. Download and set up it (when you’ve got not finished it but) and run the next instructions:

cd “C:Program Files (x86)Windows Resource KitsTools”
subinacl.exe /Subkeyreg SystemPresentControlSetServicesVSSDiag /sddl=D:PAI(A;;KA;;;BA)(A;;KA;;;SY)(A;;CCDCLCSWRPSDRC;;;BO)(A;;CCDCLCSWRPSDRC;;;LS)(A;;CCDCLCSWRPSDRC;;;NS)(A;CIIO;RC;;;OW)(A;;KR;;;BU)(A;CIIO;GR;;;BU)(A;CIIO;GA;;;BA)(A;CIIO;GA;;;BO)(A;CIIO;GA;;;LS)(A;CIIO;GA;;;NS)(A;CIIO;GA;;;SY)(A;CI;CCDCLCSW;;;S-1-5-80-3273805168-4048181553-3172130058-210131473-390205191)(A;ID;KR;;;AC)(A;CIIOID;GR;;;AC)S:ARAI

In Windows Server 2008 R2, the command will appear to be this (in line with Microsoft KB):

subinacl.exe /Subkeyreg SystemPresentControlSetServicesVSSDiag /sddl=O:SYG:SYD:PAI(A;;KA;;;BA)(A;;KA;;;SY)(A;;SDGRGW;;;BO)(A;;SDGRGW;;;LS)(A;;SDGRGW;;;NS)(A;CIIO;RC;;;S-1-Three-Four)(A;;KR;;;BU)(A;CIIO;GR;;;BU)(A;CIIO;GA;;;BA)(A;CIIO;GA;;;BO)(A;CIIO;GA;;;LS)(A;CIIO;GA;;;NS)(A;CIIO;GA;;;SY)(A;CI;CCDCLCSW;;;S-1-5-80-3273805168-4048181553-3172130058-210131473-390205191)

Then change the permissions on the kid (nested) objects within the Registry Editor. To do it, open the Diag reg key properties and click on “Permissions” -> “Advanced” -> “Replace all baby object permissions”.

replace permissions on child objects

Then simply restart your Windows.

PS. When writing this text I discovered that there was one other VSS error with the identical (!!!) EventID 8193 and the next description:

Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-2470146651-3958396388-212345117-21232.bak).  hr = 0x80070539,The safety ID construction is invalid.
OnIdentify occasion
Gathering Writer Data
Execution Context: Shadow Copy Optimization Writer
Writer Class Id: 
Writer Name: Shadow Copy Optimization Writer
Writer Instance ID: .

To make the article complete, I’ll describe the answer of this challenge as effectively.

This error doesn’t let you create system state backup or (by way of the Windows Server Backup), which results in the next error: “0x80042308: The specified object was not discovered”.

This drawback is solved in a different way and associated to the wrong entry within the profile’s reg key HKLMSoftwareMicrosoftWindows NTCurrentVersionProfileList. The challenge happens on account of VSS service (Shadow Copy Optimization Writer part) can not discover a consumer profile with the ending in .bak and returns an error. You must delete the registry key proven within the description of the ConvertStringSidToSid occasion (S-1-5-21-2470146651-3958396388-212345117-21232.bak).

  1. Open the regedit.exe;
  2. Go to the HKLMSoftwareMicrosoftWindows NTCurrentVersionProfileList;
  3. Find and delete the registry key with the .bak suffix; delete registry bak key from CurrentVersionProfileList
  4. Restart your pc and attempt to run your backup process once more.

Check Also

Configuring Network Adapter Settings with PowerShell: IP Address, DNS, Default G…

In this text we’ll present you find out how to configure community adapter parameters in …

Leave a Reply

Your email address will not be published. Required fields are marked *