DenTechCO
asked on
Event 488 and 413 pop up after in-place server upgrade
I just upgraded our client's terminal server from 2012 to 2012 R2. The upgrade seemed to go through without any major issues. RDS is working correctly. Went through event viewer to check for any issues afterwards, and I'm getting Event 488 and Event 413 after a reboot. I've copied the two event details below.
Error 4/14/2017 8:17:01 PM ESENT 488 General
Log Name: Application
Source: ESENT
Date: 4/14/2017 8:17:01 PM
Event ID: 488
Task Category: General
Level: Error
Keywords: Classic
User: N/A
Computer: TSERVER2012.BCPD.denver
Description:
svchost (804) An attempt to create the file "C:\Windows\system32\LogFi
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ESENT" />
<EventID Qualifiers="0">488</EventI
<Level>2</Level>
<Task>1</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2017-04-15T02:
<EventRecordID>58456</Even
<Channel>Application</Chan
<Computer>TSERVER2012.BCPD
<Security />
</System>
<EventData>
<Data>svchost</Data>
<Data>804</Data>
<Data>
</Data>
<Data>C:\Windows\system32\
<Data>-1032 (0xfffffbf8)</Data>
<Data>5 (0x00000005)</Data>
<Data>Access is denied. </Data>
</EventData>
</Event>
Error 4/14/2017 8:17:01 PM ESENT 413 Logging/Recovery
Log Name: Application
Source: ESENT
Date: 4/14/2017 8:17:01 PM
Event ID: 413
Task Category: Logging/Recovery
Level: Error
Keywords: Classic
User: N/A
Computer: TSERVER2012.BCPD.denver
Description:
svchost (804) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ESENT" />
<EventID Qualifiers="0">413</EventI
<Level>2</Level>
<Task>3</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2017-04-15T02:
<EventRecordID>58457</Even
<Channel>Application</Chan
<Computer>TSERVER2012.BCPD
<Security />
</System>
<EventData>
<Data>svchost</Data>
<Data>804</Data>
<Data>
</Data>
<Data>-1032</Data>
</EventData>
</Event>
It looks like an ownership problem from what I can tell. Any ideas would be greatly appreciated.
Error 4/14/2017 8:17:01 PM ESENT 488 General
Log Name: Application
Source: ESENT
Date: 4/14/2017 8:17:01 PM
Event ID: 488
Task Category: General
Level: Error
Keywords: Classic
User: N/A
Computer: TSERVER2012.BCPD.denver
Description:
svchost (804) An attempt to create the file "C:\Windows\system32\LogFi
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ESENT" />
<EventID Qualifiers="0">488</EventI
<Level>2</Level>
<Task>1</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2017-04-15T02:
<EventRecordID>58456</Even
<Channel>Application</Chan
<Computer>TSERVER2012.BCPD
<Security />
</System>
<EventData>
<Data>svchost</Data>
<Data>804</Data>
<Data>
</Data>
<Data>C:\Windows\system32\
<Data>-1032 (0xfffffbf8)</Data>
<Data>5 (0x00000005)</Data>
<Data>Access is denied. </Data>
</EventData>
</Event>
Error 4/14/2017 8:17:01 PM ESENT 413 Logging/Recovery
Log Name: Application
Source: ESENT
Date: 4/14/2017 8:17:01 PM
Event ID: 413
Task Category: Logging/Recovery
Level: Error
Keywords: Classic
User: N/A
Computer: TSERVER2012.BCPD.denver
Description:
svchost (804) Unable to create a new logfile because the database cannot write to the log drive. The drive may be read-only, out of disk space, misconfigured, or corrupted. Error -1032.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="ESENT" />
<EventID Qualifiers="0">413</EventI
<Level>2</Level>
<Task>3</Task>
<Keywords>0x80000000000000
<TimeCreated SystemTime="2017-04-15T02:
<EventRecordID>58457</Even
<Channel>Application</Chan
<Computer>TSERVER2012.BCPD
<Security />
</System>
<EventData>
<Data>svchost</Data>
<Data>804</Data>
<Data>
</Data>
<Data>-1032</Data>
</EventData>
</Event>
It looks like an ownership problem from what I can tell. Any ideas would be greatly appreciated.
Last Comment
ASKER CERTIFIED SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
SOLUTION
THIS SOLUTION IS ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
Glad we could help.
@OP, experts and future visitors:
Please remember to endorse my, or any other expert's comments that you found helpful by clicking on the "Thumb's Up" button
Read more on endorsements
https://www.experts-exchange.com/discussions/218503/What-are-Endorsements.html
@OP, experts and future visitors:
Please remember to endorse my, or any other expert's comments that you found helpful by clicking on the "Thumb's Up" button
Read more on endorsements
https://www.experts-exchange.com/discussions/218503/What-are-Endorsements.html
Microsoft Server OS
The Microsoft Server topic includes all of the legacy versions of the operating system, including the Windows NT 3.1, NT 3.5, NT 4.0 and Windows 2000 and Windows Home Server versions.
59K
Questions
--
Followers
--
Top Experts
Get a personalized solution from industry experts
TRUSTED BY
ASKER