SystemState Backup failing under Windows Server 2016

wbadmin start systemstatebackup -backuptarget:d: -quiet

After migration to 2016, I observed following error …

Error in backup of C:\windows\\systemroot\ during enumerate: Error [0x8007007b] The filename, directory name, or volume label syntax is incorrect.

After some searching , we found that this error is related to vmware tools version 10.1.x which sets incorrect path for some driver location.

To exactly find what file is causing, use following

• Open command prompt [Run as Administrator] , type below and press ENTER.

1
DiskShadow /L writers.txt

The prompt will point to DISKSHADOW>
Now Type

1
list writers detailed
and press ENTER

After a while, this will list all of the writers and affected volumes. After completion, EXIT.

Open the writers.txt file in notepad or any text editor, then a search for windows\\ text , it should find the following:
File List: Path = c:\windows\\systemroot\system32\drivers, Filespec = vsock.sys
So the culprit was VSOCK.SYS To sort this we need to correct the path in the windows REGISTRY.

Run REGEDIT , then navigate to

HKLM\SYSTEM\CurrentControlSet\Services\vsock

Then change the ImagePath value string data from the incorrect

1
\systemroot\system32\DRIVERS\vsock.sys
to
1
System32\DRIVERS\vsock.sys
As showed in the image below …
BEFORE …

AFTER …


No need to reboot/log off. Simply run the backup again & this time you should see SUCCESSFUL report.



July 2022 Updates:
at one of our domain controller (server 2019) backup file via batch file was failing for 2 reasons.
a) I made an script which do systemstate export (using daily task scheduled as RUN WETHER USER IS LOGGED IN OR NOT), then using WINRAR CMD , it rars the d:\windowsimagebackup file to current date (dc_currentdate.rar) file, and copy it to file server backup folder. Rar was failing for some reason and the task scheduler was always showing TASK IS RUNNING. since the task was running in background, therefore RAR was stuck because it require to press OK button, which is not possible if its running in background. therefore I did following,
when the backup script starts, it first kills any existing WINRAR session, then it deletes any existing D:\windowsimagebackup folder, then it starts backup which then worked fine.
Noting it down here for personnel future reference.
sample backup file which do AD and DHCP Backup.
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
:: @echo off
echo "%date% %time% script started" > c:\backup\ad_sysstate_bkp_log.txt
::::::::::::::::::::::::::::::::::::::::::
:: MYCOMPANY.AD.LOCAL DC BACKUP SCRIPT
::::::::::::::::::::::::::::::::::::::::::
set srvname=MYCOMPANY.AD.LOCAL
set ROLE=AD
set FILESRV=FILESERVER
set DATAPARK=\\%FILESRV%\DataPark
set description=%srvname% - Daily Status of %ROLE% Backup Data Copied in %FILESRV%
set jobname=%srvname% - Daily Status of %ROLE% Backup Data Copied in %FILESRV%
set attachment=c:\backup\%srvname%__backup.log
set mail-subject=%srvname% - Daily Status of %ROLE% Backup Data Copied in %FILESRV%
set mail-body=%srvname% - Daily Status of %ROLE% Backup Data Copied in %FILESRV%
set mail-to=zaib@mycompany.com
set FILESRVBKPFOLDER=\\FILESERVER\DataPark\MYCOMPANY.AD.LOCAL
set footer=%srvname% %ROLE% Automated Backup and Email Logs Script Created by zaib Ltd. IS Dept. / Syed Jahanzaib
set BKP_FOLDER=D:\WindowsImageBackup
:: DELETING OLDER WINDOWS BACKUP
taskkill /F /IM winrar.exe
rd /s /q %BKP_FOLDER%
set RAR_BKP_FOLDER=D:\%srvname%_RAR_BKP_FOLDER
set DHCP_BKP_FOLDER=D:\dhcp_backup
if not exist c:\backup mkdir c:\backup
if not exist %FILESRVBKPFOLDER% mkdir %FILESRVBKPFOLDER%
if not exist %DHCP_BKP_FOLDER% mkdir %DHCP_BKP_FOLDER%
if not exist %BKP_FOLDER% mkdir %BKP_FOLDER%
if not exist %RAR_BKP_FOLDER% mkdir %RAR_BKP_FOLDER%
if exist %attachment% del /f %attachment%
:: if exist net use /delete t:
:: if not exist t: net use T: %DATAPARK%
set DAYS=-5
set FILECOUNT=5
set cnt1=0
set cnt2=0
set EXT1=rar
set CUR_YYYY=%date:~10,4%
set CUR_MM=%date:~4,2%
set CUR_DD=%date:~7,2%
set CUR_HH=%time:~0,2%
if %CUR_HH% lss 10 (set CUR_HH=0%time:~1,1%)
set CUR_NN=%time:~3,2%
set CUR_SS=%time:~6,2%
set CUR_MS=%time:~9,2%
set FINAL_RAR_FILE_NAME=%srvname%__AD_BKP_%CUR_YYYY%%CUR_MM%%CUR_DD%-%CUR_HH%%CUR_NN%%CUR_SS%.rar
:: echo %FINAL_RAR_FILE_NAME%
:: goto :EOF
IF EXIST "%ProgramFiles(x86)%\WinRAR" (
SET pth="%ProgramFiles(x86)%\WinRAR"
)
IF EXIST "%ProgramFiles%\WinRAR" (
SET pth="%ProgramFiles%\WinRAR"
)
FOR /F "skip=1 tokens=1-6" %%A IN ('WMIC Path Win32_LocalTime Get Day^,Hour^,Minute^,Second /Format:table ^| findstr /r "."') DO (
set Milisecond=%time:~9,2%
set Day=%%A
set Hour=%%B
set Minute=%%C
set Second=%%D
)
set /a Start=%Day%*8640000+%Hour%*360000+%Minute%*6000+%Second%*100+%Milisecond%
 
:: PUT COMMANDS HERE
echo "Now Running DHCP Backup script to copy DHCP DB to file server folder ..."
netsh dhcp server export %DHCP_BKP_FOLDER%\MYCOMPANY.AD.LOCAL_DHCP_Backup_%date:~-10,2%-%date:~-7,2%-%date:~-4,4%---%time:~0,2%-%time:~3,2%.txt all
robocopy /s /e /w:0 /r:0 /FP %DHCP_BKP_FOLDER% %FILESRVBKPFOLDER%\dhcp_backup
echo Now starting %srvname% %ROLE% backup using wbadmin command ...
wbadmin start systemstatebackup -backuptarget:d: -quiet
 
for %%I in (%BKP_FOLDER%) do %pth%\winrar A -m0 -r -df "%RAR_BKP_FOLDER%\%FINAL_RAR_FILE_NAME%" "%%I"
echo
echo ***** NOW COPYING %srvname% BACKUP DATA TO %FILESRVBKPFOLDER%\AD
echo **************************************************
robocopy /E /S /w:0 /r:0 %RAR_BKP_FOLDER% %FILESRVBKPFOLDER%\AD
 
echo "Deleting OLD Backup Folder older then %DAYS% days - - - - - -- - - - - - - - -- - - - - -"
:: if not exist %BKP_FOLDER% goto del_rar_files
 
for /f %%A in ('dir %RAR_BKP_FOLDER% *.%EXT1%^| find "File(s)"') do set cnt1=%%A
if %cnt1% gtr %FILECOUNT% (
echo *.%EXT1% Files Older then %DAYS% days from %RAR_BKP_FOLDER% will be deleted ...
powershell -COMMAND "Get-ChildItem -Path %RAR_BKP_FOLDER%\ -Include *.%EXT1% -Recurse | where-object {$_.lastwritetime -lt (get-date).adddays(%DAYS%)} | Remove-Item -Force"
) else (
echo *** %EXT1% files count in %RAR_BKP_FOLDER% is %cnt1% which is less then %FILECOUNT% number threshold so no deletion required
)
 
for /f %%A in ('dir %FILESRVBKPFOLDER%\AD *.%EXT1%^| find "File(s)"') do set cnt2=%%A
if %cnt2% gtr %FILECOUNT% (
echo *.%EXT1% Files Older then %DAYS% days from %FILESRVBKPFOLDER%\AD will be deleted ...
powershell -COMMAND "Get-ChildItem -Path %FILESRVBKPFOLDER%\AD -Include *.%EXT1% -Recurse | where-object {$_.lastwritetime -lt (get-date).adddays(%DAYS%)} | Remove-Item -Force"
) else (
echo *** %EXT1% files count in %FILESRVBKPFOLDER%\AD is %cnt1% which is less then %FILECOUNT% number threshold so no deletion required
)
 
FOR /F "skip=1 tokens=1-6" %%A IN ('WMIC Path Win32_LocalTime Get Day^,Hour^,Minute^,Second /Format:table ^| findstr /r "."') DO (
set Day=%%A
set Hour=%%B
 
set Minute=%%C
set Second=%%D
)
set Milisecond=%time:~9,2%
set /a End=%Day%*8640000+%Hour%*360000+%Minute%*6000+%Second%*100+%Milisecond%
set /a Diff=%End%-%Start%
set /a DiffMS=%Diff%%%100
set /a Diff=(%Diff%-%DiffMS%)/100
set /a DiffSec=%Diff%%%60
set /a Diff=(%Diff%-%Diff%%%60)/60
set /a DiffMin=%Diff%%%60
set /a Diff=(%Diff%-%Diff%%%60)/60
set /a DiffHrs=%Diff%
 
:: format with leading zeroes
if %DiffMS% LSS 10 set DiffMS=0%DiffMS!%
if %DiffSec% LSS 10 set DiffMS=0%DiffSec%
if %DiffMin% LSS 10 set DiffMS=0%DiffMin%
if %DiffHrs% LSS 10 set DiffMS=0%DiffHrs%
 
echo The Domain Controller %srvname% Backup Report > %attachment%
echo.>> %attachment%
echo The Backup Script took %DiffHrs% Hours, %DiffMin% Mnts, %DiffSec% Secs >> %attachment%
echo.>> %attachment%
echo Following Backup folders are now available in DATAPARK - %FILESRVBKPFOLDER%\AD >> %attachment%
echo.>> %attachment%
echo AD System State Backup copied in %FILESRVBKPFOLDER%\AD Folder >> %attachment%
echo.>> %attachment%
dir %FILESRVBKPFOLDER%\AD >> %attachment%
echo.>> %attachment%
echo.>> %attachment%
echo %footer% >> %attachment%
c:\blat\blat.exe %attachment% -to %mail-to% -i %srvname% -s "%mail-subject%"
:EOF
echo %footer%