Forum Discussion

Dirk_Loeffler's avatar
Dirk_Loeffler
Level 3
15 years ago

CAPI2 - 513 : Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Hi,

I am running BE12.5 SP4 on a W2003 Server to backup a W2008 file server. On that W2008 file server I got a multiple error in Windows application log:

CAPI2 - 513 : Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.


I have checked Symantec doc id 327192  (http://seer.entsupport.symantec.com/docs/327192.htm), but all security settings are ok and the SystemWriter *is shown* in vssadmin and the buckup job does not fail.


Anyone any idea how to fix that?
Cheers
Dirk
12.x and Earlier
Backup and Recovery
Backup Exec
Remote Agent for Windows Servers
Windows

4 Replies

Sort By
Replies have been turned off for this discussion
  • RahulG's avatar
    RahulG
    Level 6
    15 years ago
    Try the following a) and/or b) solution(s). If none of the solutions can solve the issue, please contact Microsoft support for further assistance about why System Writer is missing.

    a)  Refer to http://technet.microsoft.com/en-us/library/cc734021(WS.10).aspx  and make appropriate changes to access control list on the %systemdrive%\Windows\registration folder if the situation matches the document.
       
    b) Try to list permissions for the files in %windir%\winsxs\filemaps from a command prompt run as administrator. If access was denied to every file, run the following sequence of commands to reset the permissions and restore the state of System Writer:

          cd c:\windows\system32
          Takeown /f %windir%\winsxs\filemaps\* /a
          icacls %windir%\winsxs\filemaps\*.*  /grant "NT AUTHORITY\SYSTEM:(RX)"
          icacls %windir%\winsxs\filemaps\*.*  /grant "NT Service\trustedinstaller:(F)"
          icacls %windir%\winsxs\filemaps\*.*  /grant "BUILTIN\Users:(RX)"
  • Dirk_Loeffler's avatar
    Dirk_Loeffler
    Level 3
    15 years ago
    H RahulG,

    like I wrote in my post:
    - I have allreday done all theses steps
    - System writer IS PRESENT, (is NOT missing)

    Nevertheless I get this error: CAPI2 - 513 : Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

    cheers
    Dirk
  • jurgen_barbieur's avatar
    jurgen_barbieur
    Level 6
    8 years ago

    1. Run: SC sdshow MSLLDP
    You'll get something like below (SDDL language is documented on MSDN):
     
    D:(D;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BG)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)(A;;CCDCLCSWRPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SO)(A;;LCRPWP;;;S-1-5-80-3141615172-2057878085-1754447212-2405740020-3916490453)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)
     
    2. Run: SC sdshow MUP
    You'll get:
     
    D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)
     

    ********* IMPORTANT *********************************************************

    Make sure all Command Parameters are in one line without Carriage Returns and Line Feeds as opposed to the way you see them in these instructions! (i.e. switch off word wrapping etc. when you copy and paste through your editor)

     

    ****************************************************************************

    3. Take NT AUTHORITY\ SERVICE entry, which is (A;;CCLCSWLOCRRC;;;SU) and add it to the original MSLLDP security descriptor properly, right before the last S:(AU... group.
     
    4. Apply the new security descriptor to MSLLDP service (make sure command is in one line!!!):
     
    sc sdset MSLLDP D:(D;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BG)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SY)(A;;CCDCLCSWRPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;SO)(A;;LCRPWP;;;S-1-5-80-3141615172-2057878085-1754447212-2405740020-3916490453)(A;;CCLCSWLOCRRC;;;SU)S:(AU;FA;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;WD)

     

    more info: https://social.technet.microsoft.com/Forums/windows/en-US/156d3b56-0863-47fb-851f-82ea78a7cff2/error-source-capi2-id-513-cryptographic-services-failed-while-processing-the-onidentity-call-in?forum=w8itprogeneral