P
paul
I'm using NTBACKUP (v5.0) to create System State backups
of a W2K SP4 Domain Controller that is also a Certificate
Server. The DC is configured as an enterprise root CA
which we want offline - rather than disconnect from the
network we have stopped the CertSvc service and set it to
manual - certificates are thus only provided by an online
subordinate. The CertSvc service is set to log on as Local
System, Interact with Desktop.
When I run NTBACKUP to do System State, the following
error appears in the System log:
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10002
Date: 29/12/2003
Time: 16:28:55
User: Domain\Account
Computer: Server01
Description:
Access denied attempting to launch a DCOM Server. The
server is:
{D99E6E73-FC88-11D0-B498-00A0C90312F3}
The user is Account/Domain, SID=x-x-x-xx-xxxxxxxxxx-
xxxxxxxxx-xxxxxxxxxx-xxxx.
The GUID relates to CertSrv Admin so it would appear that
NTBACKUP is attempting to start something to backup the
database. Checking DCOMCNFG indicates that CertSrv Admin
security is using Custom Permissions of Everyone Access
but No-one Launch - I don't know whether to change this,
and what the implications are.
The account that is referenced in the error is a local
admin and can manually control CertSvc, so I'm not clear
what context NTBACKUP is running under, or indeed what
it's trying to do.
If I start CertSvc manually and run NTBACKUP I don't get
the error. Also, with the backup log set to Detailed I can
see an additional folder (Folder System State\Certificate
Server) included in the backup, with approx 15Mb
additional data.
so...
have I missed something in the configuration of
CertSvc/DCOM or NTBACKUP, or is this a problem with
NTBACKUP that means I must have CertSvc running during
each System State backup?
regards
paul
psqry1203
of a W2K SP4 Domain Controller that is also a Certificate
Server. The DC is configured as an enterprise root CA
which we want offline - rather than disconnect from the
network we have stopped the CertSvc service and set it to
manual - certificates are thus only provided by an online
subordinate. The CertSvc service is set to log on as Local
System, Interact with Desktop.
When I run NTBACKUP to do System State, the following
error appears in the System log:
Event Type: Error
Event Source: DCOM
Event Category: None
Event ID: 10002
Date: 29/12/2003
Time: 16:28:55
User: Domain\Account
Computer: Server01
Description:
Access denied attempting to launch a DCOM Server. The
server is:
{D99E6E73-FC88-11D0-B498-00A0C90312F3}
The user is Account/Domain, SID=x-x-x-xx-xxxxxxxxxx-
xxxxxxxxx-xxxxxxxxxx-xxxx.
The GUID relates to CertSrv Admin so it would appear that
NTBACKUP is attempting to start something to backup the
database. Checking DCOMCNFG indicates that CertSrv Admin
security is using Custom Permissions of Everyone Access
but No-one Launch - I don't know whether to change this,
and what the implications are.
The account that is referenced in the error is a local
admin and can manually control CertSvc, so I'm not clear
what context NTBACKUP is running under, or indeed what
it's trying to do.
If I start CertSvc manually and run NTBACKUP I don't get
the error. Also, with the backup log set to Detailed I can
see an additional folder (Folder System State\Certificate
Server) included in the backup, with approx 15Mb
additional data.
so...
have I missed something in the configuration of
CertSvc/DCOM or NTBACKUP, or is this a problem with
NTBACKUP that means I must have CertSvc running during
each System State backup?
regards
paul
psqry1203