Upgrade your Internet Experience
Microsoft.com
Welcome Sign in
Windows Server TechCenter
Click to Rate and Give Feedback
TechNet
TechNet Library
Windows
Windows Server
Events and Errors
Core Security
CryptoAPI 2.0
 Event ID 513 — Shadow Copy System W...

  Switch on low bandwidth view
Event ID 513 — Shadow Copy System Writer Functionality

Updated: November 30, 2007

Applies To: Windows Server 2008

yellow

Shadow Copy automatically creates shadow copies of files and folders to restore a previous version of the file. The Shadow Copy System Writer is used by the cryptographic services provided by the operating system to enumerate and replace system files when the signature of a system file is different from the signature stored in the security catalog database.

Event Details

Product: Windows Operating System
ID: 513
Source: Microsoft-Windows-CAPI2
Version: 6.0
Symbolic Name: MSG_SYSTEMWRITER_ONIDENTITY_FAILURE
Message: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.%1.

Resolve

Modify the access control list on the registration folder

Component Object Model (COM) applications must be able to access the COM+ catalog files that are stored in the COM catalog folder. If the default access control list is changed on the COM catalog folder within the Windows folder, the Shadow Copy System Writer may not work properly.

To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To modify the access control list on the COM catalog folder:

  1. Click Start, and then click Computer.
  2. Navigate to %systemdrive%\Windows.

    By default, %systemdrive% is located at C:\.

  3. Right-click Registration, click Properties, and then click the Security tab.
  4. Click Advanced, and then click Edit.
  5. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  6. Click Edit to view the special permissions assigned to this folder.
  7. Ensure that the access control list matches the following criteria:
    • The local Administrators group has Full Control permissions applied to This folder and files.
    • The Everyone group has List folder/read data, Read attributes, Read extended attributes, and Read permissions applied to This folder and files.
    • The local SYSTEM account has Full Control permissions applied to This folder and files.
  8. If the permissions on this folder do not match what is listed in this procedure, make the appropriate changes, and then click OK.

Verify

To perform this procedure, you must be a member of the local Administrators group, or you must have been delegated the appropriate authority.

To verify that the Shadow Copy System Writer is working properly:

  1. Click Start, point to All Programs, and then click Accessories.
  2. Right-click Command Prompt, and then click Run as administrator.
  3. If the User Account Control dialog box appears, confirm that the action it displays is what you want, and then click Continue.
  4. In the command prompt window, type vssadmin list writers.
  5. Ensure that Writer Name: 'System Writer' is displayed in the list.

Related Management Information

Shadow Copy System Writer Functionality

Core Security

Community Content   What is Community Content?
Add new content RSS  Annotations
Permission problem      Maderbacher   |   Edit   |   Show History

In my case it was a permission problem at folder %windir%\winsxs\filemaps.
The problem was solved after executing at command prompt:

Takeown /f %windir%\winsxs\filemaps\* /a
icacls %windir%\winsxs\filemaps\*.* /grant "NT AUTHORITY\SYSTEM:(RX)"
icacls %windir%\winsxs\filemaps\*.* /grant "NT Service\trustedinstaller:(F)"
icacls %windir%\winsxs\filemaps\*.* /grant BUILTIN\Users:(RX)

Reference: http://social.technet.microsoft.com/Forums/en-US/windowsbackup/thread/bb760434-de80-4cb6-ae9e-bd253e4b037c/

Tags What's this?: Add a tag
Flag as ContentBug
Permission problem      Cathy C   |   Edit   |   Show History
Thanks, Maderbacher. This also worked for me.
Flag as ContentBug
Permission Problem      Malraux   |   Edit   |   Show History

My experience:
I'd already followed the steps by Maderbacher with SP1.
There was a recurrence of the problem with SP2 (and probably earlier).
Just changing the permissions for trustedinstaller seems to have worked.

icacls %windir%\winsxs\filemaps\*.* /grant "NT Service\trustedinstaller:(F)"


System Writer showed up again.

I think you should also check if the DCOM and Com+ services are on automatic start.

Final note:

Because I'd followed the earlier steps, trustedinstaller had full permissions on the directory.
However, the permissions were not inherited by the newer files I checked.

Could it be a language issue? (I'm running French versions)

Tags What's this?: Add a tag
Flag as ContentBug
SYSTEM WRITERS kkeps going away.      SYSTEM WRITERS keeps going away ... Thomas Lee   |   Edit   |   Show History

Our ARCSERVE client x64 V12.5 keeps failing on the W2008 server when trying to perform a backup stating: "7/22/2009 4:02:18 AM AE0436 Failed to create system state shadow copy.". This is due to this BUG. SYSTEM WRITERS keeps disappearing from the list produced by: vssadmin list writers.
When this error occurs (several times per week), I have to go to the cmd window, and enter the following:
Takeown /f c:\windows\winsxs\filemaps\* /a
icacls c:\windows\winsxs\filemaps\*.* /grant "NT Service\trustedinstaller:(F)"
Then doing another vssadmin list writers will show SYSTEM WRITERS and the backup will run ok until the next time it goes away..
Isn't there a more permanent solution?

[tfl - 24 07 09] Hi - and thanks for your post.You should post questions like this to the Technet Forums at http://forums.microsoft.com/technet or the MS Newsgroups at

http://www.microsoft.com/communities/newsgroups/en-us/ . You are much more likely get a quick response using the forums than through the Community Content. For specific help about:
Exchange : http://groups.google.com/groups/dir?sel=usenet%3Dmicrosoft.public.exchange%2C &
SQL Server : http://groups.google.com/groups/dir?sel=usenet%3Dmicrosoft.public.sqlserver%2C &
Windows : http://groups.google.com/groups/dir?sel=usenet%3Dmicrosoft.public.windows%2C &
Windows Server : http://groups.google.com/groups/dir?sel=usenet%3Dmicrosoft.public.windows.server%2C &
Virtual Server : http://groups.google.com/group/microsoft.public.virtualserver/topics?lnk
Full Public : http://groups.google.com/groups/dir?sel=usenet%3Dmicrosoft.public%2C &

SOLUTION DO NOT WORK      lechu54   |   Edit   |   Show History

Windows 2008 x64 with exchange 2007.
MS solutin do not work !!!

cmd method :

Takeown /f %windir%\winsxs\filemaps\* /a
icacls %windir%\winsxs\filemaps\*.* /grant "NT AUTHORITY\SYSTEM:(RX)"
icacls %windir%\winsxs\filemaps\*.* /grant "NT Service\trustedinstaller:(F)"
icacls %windir%\winsxs\filemaps\*.* /grant BUILTIN\Users:(RX)

works for a few days only.
After that system.writer disappears

We got problems with standard backup every few days. Please FIX THIS BUG or give a reasonable solution !!!!


Tags What's this?: capi2 (x) error (x) Add a tag
Flag as ContentBug
vista services      mcrom901   |   Edit   |   Show History
check services

application information

it should be on automatic

C:\Windows\system32\svchost.exe -k netsvcs

also check its properties....

dependencies tab shows....

remote procedure call
--dcom server process launcher

user profile services
--remote procedure call

all should be on automatic...

also check this file about visa services

http://download.microsoft.com/download/9/c/5/9c5b2167-8017-4bae-9fde-d599bac8184a/Vista_Services.doc

Tags What's this?: Add a tag
Flag as ContentBug
© 2009 Microsoft Corporation. All rights reserved. Terms of Use | Trademarks | Privacy Statement
Page view tracker