Build a great reporting interface using Splunk, one of the leaders in the Security Information and Event Management (SIEM) field, linking the collected Windows events to www.eventid.net. The EventId.Net for Splunk Add-on assumes that Splunk is collecting information from Windows servers and workstation via the Splunk Universal Forwarder.
Sqllib error: Database <database> is stored on multiple volumes, only some of which are being shadowed.
|English: Request a translation of the event description in plain English.|
As per Microsoft: "When a shadow copy of a complex data store is taken, it is important that every volume that contains a part of the data store is included in the shadow copy set. Otherwise, the shadow copy set will be corrupt because it only contains some of the volumes, not the complete group. In addition, the security settings on the data store should allow the Local System account to connect". See MSW2KDB for details.
From a newsgroup post: "I have a resolution from Microsoft Product support.
It is a bug with SP1, and there are 2 solutions (I found solution 2 easier, as solution 1 requires a server restart and will mean AD DB & Log to be both on C: drive):
1. Moving the AD log files back to the default location (“C:”). (To discover where your AD database and log files are stored, navigate to the registry key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\NTDS\Parameters)
2. Select “D:” (or a file in that volume) to force a shadow copy on it.
This, in turn will suppress the NTDS writer error. (I created a dummy text file on the drive where my NTDS Log files were and included it in the backup set). The likely reason behind those error messages is that AD is configured in such way that it keeps the databases and the logs on separate volumes. The AD writer (NTDS) will report an error if you try to create a shadow copy set that has one of the volumes but not the other. The problem is that in this configuration (AD databases and logs are on a different volume) NTBackup doesn't pick up the correct set of volumes. By selecting system state, NTBackup requests for a shadow copy to be created on the boot volume. By the time NTBackup requests for the location of the AD database and logs, the shadow copy has already been created. Thus, NTBackup will not create a snapshot on “D:”. This throws the NTDS writer off, thinking that NTBackup is not going to pick up all its data on D: thus causing an error".
See ME953871 for additional information about this event.
|Private comment: Subscribers only. See example of private comment|
|Links: ME953871, MSW2KDB|
|Search: Google - Bing - Microsoft - Yahoo - EventID.Net Queue (0) - More links...|
Send comments or solutions
- Notify me when updated