Situation: The client create a Barracuda backup job on a new server. It doesn’t work with this error:
Errors
———————————–
System State
Filesystem
-=[ Files ]=-
Duration: August 28 2021 10:36PM to 10:36PM CDT for —
Items:
Backup Size: 0 bytes at —
Scan Rate: 0 items at < 1 item/sec
Troubleshooting 1: on the new server, check the Network under File Explorer. We find the problem is Network discovery is turned off.
Turning network Discovery on fixes the problem.
Troubleshooting 2:
Please turn off, restart, and start these services in the order presented, making sure of the correct startup type where listed. As this is a template, it is not likely that all services will be listed on any given server. If the service is not there, just move to the next.
STOP ########### Volume Shadow Copy (Set to manual startup type) Microsoft Software Shadow Copy Provider (Set to automatic startup type) SQL Server VSS Writer (if present) Microsoft Exchange Information Store (if present) HyperV Virtual Machine Management (if present) Barracuda backup agent
Background Intelligent Transfer Service
RESTART ############ Cryptographic Services COM + Event Systems
START ########### Volume Shadow Copy Microsoft Software Shadow Copy Provider SQL Server VSS Writer (if present) Microsoft Exchange Information Store (if present) HyperV Virtual Machine Management (if present) Barracuda backup agent – MAKE SURE TO START LAST
Situation: The client has a problem to login Symantec Endpoint Protection Manager with Unexpected server error.
Troubleshooting: They just upgraded their DCs from Windows 2012 r2 to Windows 2016. They nee tp add the new DCs in Directory Servers by going to Admin>Servers>servername>Directory Servers.
Situation: The client created a batch file to robocpoy file over network. Running the bathc in command prompt as administartor works fine. However, it doesn’t work on Scheduler with error code 0x10.
Troubleshooting: 1. We find the local user blin and domain blin are different password. Since robocopy over the domain network, you should use domain account for example chicgaotech\blin instead of blin.
2. You may need to run a batch file in administrator mode by following these steps:
1. Create a shortcut to the batch file 2. Right click on the batch file shortcut 3. Select properties 4. Go to the Shortcut tab
5. Click on the Advanced button
6. Click the checkbox next to Run as Administrator
Situation: The client has a server making loud noise.
Resolution 1: Perform a power drain.
1. Power off the server 2. Unplug the power cords 3. Press and hold power button for 30 seconds 4. Release the power button and plug the power cords back in 5. Wait 5 minutes then power on the server
Situation: The user can’t turn on his Laptop. It turn on for a few seconds and then it turn off.
Troubleshooting 1: Perform a power drain
Shut down the computer.
Unplug the computer from the wall socket.
If the battery is removable, remove the battery and hold the Power button down for 15 seconds.
If the battery is non-removable, while the computer is ON, hold the power button down and wait for the computer to shut down and still hold the power button down for another 15 seconds.
Turn the computer ON and check.
Troubleshooting 2: It could hardware issue. Check Hard disk, RAM connection and motherboard.
Make sure the drivers of the graphics card and monitor are all up to date.
Graphics cards need to be properly seated in their PCI slots in order to work efficiently. Ensure that the video cable is fine and plugged in properly.
Video display problems could be a monitor-related issue instead of the graphics card.
4. Check the ‘Device Status’ of your graphic card: Go to Device Manager> Display adapters.
5. Graphics card problems can be related to hardware or software.
6. High temperature can occur when the computer is stored in a poorly ventilated area or the ventilation outlets have been blocked. Use troubleshooting tools: GPU-Z, Heaven Benchmark tool,
Situation: The client just upgraded their QNAP NAS. After that they can’t access QNAP on one of servers. They find the QNAP is setup to use SMB2 or above. So, they disable the SMB1 on the server. After restarting the server, Workstation and Netlogon services won’t start so that they can’t access network sharing and RDP doesn’t work.
Troubleshooting 1:
Workstation service is still depended on SMB. If you want to disable SMB1, you must allow SMB2/3 to function. These are what you want to do:
-flag SMB1 for disabled on the Server service.
-flag SMB2 for enabled on the Server service. -changes the dependencies for the workstation service to no longer require SMB1 services (mrxsmb10). -disables the mrxsmb10 service from starting. -sets the mrxsmb20 service to auto-start
Troubleshooting 2: Correct mrxsmb and mrxsmb20 registry HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services.
ErrorControl is a type REG_DWORD which specifies how to proceed if the driver fails to load or to initialize properly:
Value
D e s c r i p t i o n
0
Ignore: If the driver fails to load or initialize, startup proceeds, and no warning message appears.
1
Normal: If the driver fails to load or initialize, startup proceeds, but a warning message appears.
2
Severe: If the driver fails to load or initialize, declares the startup as having failed and restarts by using the LastKnownGood control set. If startup is already using the LastKnownGood control set, continues startup.
3
Critical: If the driver fails to load or initialize, declares the startup as having failed and restarts by by using the LastKnownGood control set. If startup is already using the LastKnownGood control set, stops startup and runs a debugging program.
ImagePath is a type REG_EXPAND_SZ that contains the full path to the executable. This entry is not used for network adapters.
ObjectName is a type REG_DWORD which contains the account name for services or the driver object that the I/O manager uses to load the device driver.
Start is a type REG_DWORD which specifies how the service is loaded or started. If the service is a Win32 service, the value of Start must be 2, 3, or 4. This value entry is not used for network adapters.
Value
D e s c r i p t i o n
0
Boot: Loaded by kernel loader. Components of the driver stack for the boot (startup) volume must be loaded by the kernel loader.
1
System: Loaded by I/O subsystem. Specifies that the driver is loaded at kernel initialization.
2
Automatic: Loaded by Service Control Manager. Specifies that the service is loaded or started automatically.
3
Manual:. The service does not start until the user starts it manually, such as by using Services or Devices in Control Panel.
4
Disabled: Specifies that the service should not be started.
Type is a type REG_DWORD that specifies what this object represents:
Value
D e s c r i p t i o n
1
A kernel-mode device driver.
2
A file system driver.
4
A set of arguments for an adapter.
8
A file system driver service, such as a file system recognizer.
16 (0x10)
A Win32 program that runs in a process by itself. This type of Win32 service.can be started by the Service Controller.
32 (0x20
A Win32 program that shares a process. This type of Win32 service can be started by the Service Controller.
272 (0x110)
A Win32 program that runs in a process by itself (like Type16) and can interact with users.
288 (0x120)
A Win32 program that shares a process and can interact with users.
For example
Troubleshooting 3: Run SFC /SCANNOW command to fix damaged system files.
Last night we installed Windows update August security update (KB5005039). Now, Veeam backup and mapping to other server shared folders because we can’t start workstation and netlogon services. Also I can’t remote access to the server.
These are the dependencies.
Any suggestions?
Troubleshooting: 1. We can’t start Netlogon service because we can’t start Workstation service.
2. We can’t start the Workstation because the SMB 2.0 MiniRedirector service which failed to start.
3. The SMB 2.0 MiniRedirector service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it
Refer to Event ID 7001 – The Workstation service depends on the SMB 2.0 MiniRedirector service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
Troubleshooting 1:
Workstation service is still depended on SMB. If you want to disable SMB1, you must allow SMB2/3 to function. These are what you want to do:
-flag SMB1 for disabled on the Server service.
-flag SMB2 for enabled on the Server service. -changes the dependencies for the workstation service to no longer require SMB1 services (mrxsmb10). -disables the mrxsmb10 service from starting. -sets the mrxsmb20 service to auto-start
Troubleshooting 2: Correct mrxsmb and mrxsmb20 registry HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services.
ErrorControl is a type REG_DWORD which specifies how to proceed if the driver fails to load or to initialize properly:
Value
D e s c r i p t i o n
0
Ignore: If the driver fails to load or initialize, startup proceeds, and no warning message appears.
1
Normal: If the driver fails to load or initialize, startup proceeds, but a warning message appears.
2
Severe: If the driver fails to load or initialize, declares the startup as having failed and restarts by using the LastKnownGood control set. If startup is already using the LastKnownGood control set, continues startup.
3
Critical: If the driver fails to load or initialize, declares the startup as having failed and restarts by by using the LastKnownGood control set. If startup is already using the LastKnownGood control set, stops startup and runs a debugging program.
ImagePath is a type REG_EXPAND_SZ that contains the full path to the executable. This entry is not used for network adapters.
ObjectName is a type REG_DWORD which contains the account name for services or the driver object that the I/O manager uses to load the device driver.
Start is a type REG_DWORD which specifies how the service is loaded or started. If the service is a Win32 service, the value of Start must be 2, 3, or 4. This value entry is not used for network adapters.
Value
D e s c r i p t i o n
0
Boot: Loaded by kernel loader. Components of the driver stack for the boot (startup) volume must be loaded by the kernel loader.
1
System: Loaded by I/O subsystem. Specifies that the driver is loaded at kernel initialization.
2
Automatic: Loaded by Service Control Manager. Specifies that the service is loaded or started automatically.
3
Manual:. The service does not start until the user starts it manually, such as by using Services or Devices in Control Panel.
4
Disabled: Specifies that the service should not be started.
Type is a type REG_DWORD that specifies what this object represents:
Value
D e s c r i p t i o n
1
A kernel-mode device driver.
2
A file system driver.
4
A set of arguments for an adapter.
8
A file system driver service, such as a file system recognizer.
16 (0x10)
A Win32 program that runs in a process by itself. This type of Win32 service.can be started by the Service Controller.
32 (0x20
A Win32 program that shares a process. This type of Win32 service can be started by the Service Controller.
272 (0x110)
A Win32 program that runs in a process by itself (like Type16) and can interact with users.
288 (0x120)
A Win32 program that shares a process and can interact with users.
For example
Troubleshooting 3: Run SFC /SCANNOW command to fix damaged system files.
Situation: The client configures Pola Alto Firewall failover. Now, they have a problem to access the AWS site to site VPN. They would like to know the reason.
Troubleshooting: 1. Go to Monitor>Logs>System.
2. Search for date and time which lost the connection, and Suntype eq VPN.
3. We do see critical under Severity on Tunnel 3 and 4, which indicates there is a connectivity issue.
4. We also see Severity low showing IKE phase-1 SA is down determined by DPD, which means PA firewall works fine and keeps sending traffics to other side.
.
5. After the a few minutes, it shows Tunnel 3 and 4 is up.
Conclusion:: PA Firewall works fine and it is other part issue.
Situation: The client has a problem to backup one of their servers using Barracuda Backup with this error: This may have been caused by a change to user settings or permissions at the data source or it may be that the target server is offline.
Troubleshooting: Run test software connection. It is successful. We fixed the problem by running these services: Background Intelligent Transfer Service, Barracuda Backup Agent, COM+Event System, Microsoft Software Shadow Copy Provider, Volume Shadow Copy services.
