Resolve VSS Error 8194 Event Viewer

When you start the Remote Backup program you may experience multiple instances of VSS Error 8194 in the Application event log. These errors DO NOT generally impact the ability of the program to perform online backups, but often raise questions from system administrators or managed service providers due the error status indicated. This tech note explains how to make the adjustments required to eliminate these messages from occurring in the Application event log.

The 8194 events are typically generated by the following services: System Writer (Cryptographic) service, NPS VSS Writer service, TS Gateway Writer service and (Windows) SP Search VSS Writer service. There may be others. The error is similar to the following taken from an SBS 2008 R2 system:

Log Name: Application

Source: VSS
Date: 7/20/2011 11:16:01 PM
Event ID: 8194
Task Category: None
Level: Error
Keywords: Classic
User: N/A
Computer: MYSERVER.mydomain.local
Description:
Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005. This is often caused by incorrect security settings in either the writer or requestor process. 

 

Error code 8194 is an "Accessed Denied" error caused by the inability of one or more VSS system writers to communicate with the Remote Backup VSS requestor process via the "COM" calls exposed in the IVssWriterCallback interface (Microsoft programming interface to the Volume Shadow Service).


This is not a functional error in the Remote Backup program, but rather a security issue caused by select VSS writer(s) running as a service under the "Network Service" (or "Local Service") account(s) and not the Local System or Administrator account. By default, in order for a Windows service to perform a COM activation it must be running as Local System or as a member of the Administrators group.

 

Suggested Resolution and fix the correct way :) 

  1. Select Start
  2. Select Run
  3. Type in dcomcnfg (Press Enter) 

In the Left Pane of the window

  1. Right Click on My Computer
  2. Select Properties
  3. Select the Com Security Tab
  4. Select the Edit Default button Under Access Permissions
  5. Select Add
  6. Find the Network Services account
  7. Add only local access
  8. Select OK
  9. Close all windows
  10. Reboot Server to Refresh DCOM