Vss writers problem event id 8194


  1. wangchangqiu
    Posts : 13
    win7
       New #1

    Vss writers problem event id 8194


    Hi,

    We have VSS based backup product for windows for backing up File system, system state,etc.

    We are facing a problem with VSS System writer when trying to get its metadata.

    The following error is logged in application event log.

    Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005. This is often caused by incorrect security settings in either the writer or requestor process.

    Operation:
    Gathering Writer Data

    Context:
    Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
    Writer Name: System Writer
    Writer Instance ID: {faea4846-5127-449d-824e-e75e67eadb0f}


     + System - Provider [ Name] VSS
    - EventID 8194 [ Qualifiers] 0
    Level 2 Task 0 Keywords 0x80000000000000 - TimeCreated [ SystemTime] 2008-09-23T03:56:35.000Z
    EventRecordID 258 Channel Application Computer test-PC Security
    - EventData


    0x80070005


    Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {faea4846-5127-449d-824e-e75e67eadb0f}


    2D20436F64653A20575254575254494330303030313038382D2043616C6C3A20575254575254494330303030313035362D20 5049443A202030303030313430302D205449443A202030303030343036342D20434D443A2020433A5C57696E646F77735C73 797374656D33325C737663686F73742E657865202D6B204E6574776F726B53657276696365202020202020202D2055736572 3A204E5420415554484F524954595C4E4554574F524B2053455256494345202020202D205369643A2020532D312D352D3230
    Binary data:

    In Words
    0000: 6F43202D 203A6564 57545257 43495452
    0008: 30303030 38383031 6143202D 203A6C6C
    0010: 57545257 43495452 30303030 36353031
    0018: 4950202D 20203A44 30303030 30303431
    0020: 4954202D 20203A44 30303030 34363034
    0028: 4D43202D 20203A44 575C3A43 6F646E69
    0030: 735C7377 65747379 5C32336D 68637673
    0038: 2E74736F 20657865 4E206B2D 6F777465
    0040: 65536B72 63697672 20202065 20202020
    0048: 7355202D 203A7265 4120544E 4F485455
    0050: 59544952 54454E5C 4B524F57 52455320
    0058: 45434956 20202020 6953202D 20203A64
    0060: 2D312D53 30322D35

    In Bytes
    0000: 2D 20 43 6F 64 65 3A 20 - Code:
    0008: 57 52 54 57 52 54 49 43 WRTWRTIC
    0010: 30 30 30 30 31 30 38 38 00001088
    0018: 2D 20 43 61 6C 6C 3A 20 - Call:
    0020: 57 52 54 57 52 54 49 43 WRTWRTIC
    0028: 30 30 30 30 31 30 35 36 00001056
    0030: 2D 20 50 49 44 3A 20 20 - PID:
    0038: 30 30 30 30 31 34 30 30 00001400
    0040: 2D 20 54 49 44 3A 20 20 - TID:
    0048: 30 30 30 30 34 30 36 34 00004064
    0050: 2D 20 43 4D 44 3A 20 20 - CMD:
    0058: 43 3A 5C 57 69 6E 64 6F C:\Windo
    0060: 77 73 5C 73 79 73 74 65 ws\syste
    0068: 6D 33 32 5C 73 76 63 68 m32\svch
    0070: 6F 73 74 2E 65 78 65 20 ost.exe
    0078: 2D 6B 20 4E 65 74 77 6F -k Netwo
    0080: 72 6B 53 65 72 76 69 63 rkServic
    0088: 65 20 20 20 20 20 20 20 e
    0090: 2D 20 55 73 65 72 3A 20 - User:
    0098: 4E 54 20 41 55 54 48 4F NT AUTHO
    00a0: 52 49 54 59 5C 4E 45 54 RITY\NET
    00a8: 57 4F 52 4B 20 53 45 52 WORK SER
    00b0: 56 49 43 45 20 20 20 20 VICE
    00b8: 2D 20 53 69 64 3A 20 20 - Sid:
    00c0: 53 2D 31 2D 35 2D 32 30 S-1-5-20




     <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
    - <System>
    <Provider Name="VSS" />

    <EventID Qualifiers="0">8194</EventID>

    <Level>2</Level>

    <Task>0</Task>

    <Keywords>0x80000000000000</Keywords>

    <TimeCreated SystemTime="2008-09-23T03:56:35.000Z" />

    <EventRecordID>258</EventRecordID>

    <Channel>Application</Channel>

    <Computer>test-PC</Computer>

    <Security />

    </System>


    - <EventData>
    <Data>0x80070005</Data>

    <Data>Operation: Gathering Writer Data Context: Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220} Writer Name: System Writer Writer Instance ID: {faea4846-5127-449d-824e-e75e67eadb0f}</Data>

    <Binary>2D20436F64653A20575254575254494330303030313038382D2043616C6C3A205752545752544943303030303130 35362D205049443A202030303030313430302D205449443A202030303030343036342D20434D443A2020433A5C57696E646F 77735C73797374656D33325C737663686F73742E657865202D6B204E6574776F726B53657276696365202020202020202D20 557365723A204E5420415554484F524954595C4E4554574F524B2053455256494345202020202D205369643A2020532D312D 352D3230</Binary>

    </EventData>


    </Event>




    The above event indicats that VSS writers can not make a callback to requestor due to some security restrictions.

    Pl. help us to understand what might be causing this problem.

    Thanks
      My Computer
    Quote Quote

  3. wangchangqiu
    Posts : 13
    win7
    Thread Starter
       New #2

    More detailed info:

    We use COM elevation Moniker to elevate privilege when UAC is enable, codes are as following:



    // Don't elevate if were already running as administrator
    if(IsUserAnAdmin())
    {
    hr = CoCreateInstance(rclsid, NULL, CLSCTX_INPROC_SERVER, riid, ppv);

    // If we fail, lets try creating elevated instead of just failing
    if(SUCCEEDED(hr))
    return hr;
    }

    StringFromGUID2(rclsid, wszCLSID, cntof(wszCLSID));
    hr = StringCchPrintfW( wszMonikerName,
    cntof(wszMonikerName),
    L"Elevation:Administrator!new:%s",
    wszCLSID);
    if (FAILED(hr))
    return hr;

    memset(&bo, 0, sizeof(bo));
    bo.cbStruct = sizeof(bo);
    bo.hwnd = hwnd;
    bo.dwClassContext = CLSCTX_LOCAL_SERVER ;
    HRESULT res = CoGetObject(wszMonikerName, &bo, riid, ppv);


    If not run the app as administrator, the error would occur.
    But if run the app as administrator, the error would not appear.

    And i have checked the difference between CLSCTX_INPROC_SERVER and CLSCTX_LOCAL_SERVER, and it seems that is the cause of this issue.
    But how to solve it?

    Thanks
      My Computer
    Quote Quote

 

  Related Discussions
Source A Guy
Hi there guys I am in a very difficult position in and need to lift my marks uhm does anyone know short story writers? Or is there maybe someone that is very good in narrative short story writing on this forum that can help me out? Will give more info when there is someone that can help me.:D ...
hi, Iam looking audio driver for My Home Pc.I install windows 7 32 bit OS,but there is no sound it showing nodrivers for audio...I search but could not find the drives... Please Help me..to get the drivers for IBM 8194 audio drivers .....Windows 7 32 bit OS
VSS 8194 ERROR with Mozy Backup
in Backup and Restore

The backup works fine and I ping fine, but I still get this error message, how can I get rid of it. Access denied. I am in an Admin account as well. Contact Mozy and they said it was an MS issue since I can backup fine. Log Name: Application Source: VSS Date: 3/21/2010...
Our Sites
Site Links
About Us
Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 06:34.
Find Us