Monitor unlimited number of servers
Filter log events
Create email and web-based reports

Direct access to Microsoft articles
Customized keywords for major search engines
Access to premium content

Event ID: 191 Source: SnapDrive

Source
Level
Description
Failed to create a consistent snapshot({972bea84-cfe4-4f5a-9bf3-ff3073367d0c}) of the virtual disk(s) [E F G H I ].

Error code : The notification to the SnapDrive client informing it of the readiness to create the Virtual Disk snapshot timed out.
Comments
 
While a scheduled snapshot is being taken the VSS writer times out and the job cancels but the stores are locked up hard and no clients can connect or view any email.

Any attempts to manually restart the Store.exe fails and the only way so far to restore functionality is to restart the server itself.
From a NetApp support document:

SnapManager for Exchange (SME) backup fails with VSS_E_PROVIDER_VETO

Symptoms

SME backup fails with VSS_E_PROVIDER_VETO

After a reboot of the Exchange Server (either clustered or non clustered), the first SME backup works fine.

The next (and the following) backup(s) fail with VSS_E_PROVIDER_VETO:

VSS Event ID: 8193:
Volume Shadow Copy Service error: Unexpected error calling routine DeviceIoControl(IOCTL_VOLUME_SET_GPT_ATTRIBUTES). hr = 0×800700aa

Navssprv Event ID 4356:
NetApp VSS hardware provider’s AbortSnapshot method is called [SnapshotSetId={c1bfe1c1-a6f7-4636-adad-8d60515123e8}]
VSS has failed the current shadow copy session because the previous errors are not continuable

SnapDrive Event ID 191:
Failed to create a consistent snapshot({c1bfe1c1-a6f7-4636-adad-8d60515123e8}) of the virtual disk(s) [J: I: E: F: G: H: ]

SME:
Error in calling VSS API: Error code = 0×80042306 Error description: VSS_E_PROVIDER_VETO (Error Code: 0×80042306)

Solution

Follow these steps to determine the root cause:

1. Take a manual snapshot using SnapDrive and mount a LUN in that snapshot. If this is possible, then this is not a SnapDrive problem. Go to the next step.

2. Ensure the SnapDrive account in a member of the local administrators group on both the filer and the host.

3. Is a preferred IP Address configured? If not, configure it. In SnapDrive 3.2 and above, this can be done in the SD GUI by right-clicking on “Disks” after expanding “SnapDrive”. Choose properties from the pop-up menu and then go to the “Preferred filer” tab. Enter the filer name and the preferred IP address in the respective columns. The PIP should be a public interface on the filer NOT the private interface used for ISCSI-BLOCK traffic.

4. Make sure that no non-Exchange/SQL data is being stored on the LOGS LUN.

5. Make sure that a stand-alone VSS Hardware Provider from SnapDrive 3.0x has not been installed. This can be checked by running “vssadmin list providers” anywhere on the SnapDrive Server. Only two providers should be listed. If doing an upgrade from SnapDrive 3.0x, then completely uninstall SnapDrive 3.0x and the Hardware Provider first. Then install SnapDrive 3.1x from scratch.

6. Is Veritas Agent used for backing up SnapDrive Server? If so, using Volume Shadowcopy Service (VSS) and Veritas Snapshot Provider (VSP) can cause volumes to become marked read-only. Check the version of the “vsp.sys” driver. If it is less than 1.4, upgrade it. To download the updated driver and to get more info on this problem read the following Veritas Article .

Check for the following file: windowssystem32driversvsp.sys. If the file version is 1.03, either remove the “Veritas Remote Backup Agent ” Or update vsp.sys to version 1.04 (Veritas Hotfix 272771). After installing Veritas Hotfix 272771 (vsp.sys and vspapi.dll), multiple SME backups will work fine.

Windows Event Log Analysis Splunk App

Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net.

Read more...

 

Cisco ASA Log Analyzer Splunk App

Obtain enhanced visibility into Cisco ASA firewall logs using the free Firegen for Cisco ASA Splunk App. Take advantage of dashboards built to optimize the threat analysis process.

Read more...