Table of Contents
If you've setup some native or third-party backup procedures on your system (in our case we had Cobian Backup) it might happen to stumble upon the following error message in the Event Viewer log:
|
1 2 3 4 5 |
Error Message : Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied. This is often caused by incorrect security settings in either the writer or requestor process. |
The issue, as the error says, is most likely related to the lack of permissions of the Volume Shadow Copy service.
Solution 1: Registry settings
The first thing you should try in order to solve the issue is to add the appropriate permissions for the account executing the service: you can do that my altering the registry settings of the affected machine. Here are the required steps to do that:
- open the service manager interface (Start > Run > services.msc).
- look for the Volume Shadow Copy service and ensure it's running: if it's stopped, make it start and set up its esecution to Automatic, then see if the problem is gone. If it is, you're fixed it, unless you'll have to keep reading.
- take notice of the Volume Shadow Copy service execution account: for example, it could be .\Administrator, Network Service, Local System or some other system account.
- open up the registy editor (Start > Run > regedit).
- navigate up to HKEY_LOCAL_MACHINE>SYSTEM>CurrentControlSet>Services>VSS>VssAccessControl
- Create a DWORD key and give it a value of 1 and a key name equal to the fully-qualified name of the system account used by the service, such as:
- For the .\Administrator account, use the key .\Administrator.
- For the Network Service account, use the key NT Authority\NetworkService.
- For the Local System account, use the key NT Authority\SYSTEM.
The following image, included only as an example, allows the execution of the VSS to all the aforementioned system accounts:
You don't need to do that, just adding the account used by the VSS service should be more than enough to solve your issue.
Solution 2: COM Security Settings
If the first solution doesn't work, you can try to grant to SYSTEM and NETWORK SERVICE access to the machine's Component Services. In order to do that you need to perform the following steps:
- open the Component Services management panel (Start > Run > dcomcnfg).
- on the right-side of the newly-opened windows, expand the Component Services > Computers > My Computer nodes.
- right-click on My Computer and select Properties from the contextual menu.
- in the newly-opened window, select the COM Security tab.
- look up for the Access Permissions options panel and click to the Edit Default button.
- in the newly-opened window, add the SYSTEM and Network Service users (if not already there) and grant them the Local Access permission by activating the proper checkbox.
- close everything and restart the machine.
The following screenshot shows how you can perform all these steps.
I followed all of these steps. Everything you mentioned was already configured as you described, yet I continue to experience the following errors. I have Server 2012 with Cloudberry Backup Server Edition to a Synology 1817+ DiskStation.
Have you tried to temporarily disable your AV software or other anti-malware tool? Some of them can lock or protect the VSC service.
Didn’t solve anything
Are these changes supposed to be made from the Server Side or the Client Computer Side?
SPOT ON! Thank you so much Ryan! I tried all above and was the same on a Server 2012R2 which was filling itself to breaking point but nothing, then you AV comment suddenly made my mind whir and remember that Sentinel 1 does regard restore points as risk of malware and so I disabled it from web console and boom it instantly let me delete the shadow copies and change the settings which all error’ed out previously! Cheers!