Try the following:
Whenever the user boots in the Active Directory Restore Mode and attempts to restore the Shadow Copy components , the job fails immediately with access denied error message
Attempting to restore any file fails with the same error message.
However the root cause of this issue is that the Active Directory is taken offline when we boot in the Active Directory Restore Mode and hence
Backup Exec is not able to use the Backup Exec service account which is a domain account to proceed with the restore.
In order to resolve this issue please do the following
1. Boot in the Active Directory Restore mode using the user name and password specified during the
installation of Active Directory.
2. Change the login account of all Backup Exec services to " Local System Account"
3. We now need to create an account which is a local account. We cannot create a domain account as the Active Directory is offline in the Active Directory Restore Mode.
However being a domain controller, we cannot create any account using the Graphical User Interface. To get rid of this problem, we create a new user using the following command at the command prompt
net user "username" "password" /add
4 The next step would be to add this user to the local administrators group
Execute the following command
net localgroup "administrators" "username" /add
5. We then need to use Backup Exec and add a new logon account
Click on Network in the menu bar and select logon accounts
In the username field specify the username without any domain name
Specify the same password that was provided while creating the user.
It is not necessary to make this account a default logon account but do not make the account restricted.
6. Run the restore job and the resource credentials for the restore job would be the logon account
created in step 5.
7. We had changed the Backup Exec service account to Local System Account in step 2.
This is done for the sole purpose of restoring Active Directory.
Once we have successfully restored the Active Directory and the server is rebooted,
we need to change the Backup Exec service account back to an Active Directory account
which is also a member of the Domain Administrators group.
If Backup Exec service account is kept to Local System , local backups will be successful
but all remote backups will fail with Access Denied errors.
Hope this helps!