Win10Pro Backup Log Warnings

Hi All,

I have a lab full of Win10 Pro PCs that I keep configured with Puppet. I am
using Puppet to run a “scheduled_task” using the Duplicati command line. After
much experimentation I feel I’m really close to having a solution. My backups upload
to Google Drive and I am able to restore individual files and folders. However,
I do not have full confidence as I do not understand whether the warnings in the backup
logs would in some way cause failures in a full restore.

Currently I invoke a backup with:

c:\Program Files\Duplicati 2\Duplicati.CommandLine.exe backup googledrive://Duplicati/$HOSTNAME c:
–authid=$OAUTHID
–accept-any-ssl-certificate=true
–send-mail-to=$EMAIL_ADDRESS
–send-mail-url=tls://smtp.sendgrid.com:$PORT
–send-mail-username=$USERNAME
–send-mail-password=$PASSWORD
–snapshot-policy=on
–backup-name=cdrive
–encryption-module=aes
–compression-module=zip
–dblock-size=50mb
–keep-time=3M
–passphrase=$PASSPHRASE
–disable-module=console-password-input
–log-file=DuplicatiLog.txt
–log-retention=1M"

The email report after backup is below. It’s full of warnings that indicate to me that it is not
running as an Admin with elevated privileges. However, when I open “Scheduled Tasks” I see that
it is set to run once a day with elevated privileges. In services.msc it’s listed as a “Running”
service.

Duplicati Output

DeletedFiles: 763
DeletedFolders: 97
ModifiedFiles: 491
ExaminedFiles: 408074
OpenedFiles: 1481
AddedFiles: 990
SizeOfModifiedFiles: 1546142674
SizeOfAddedFiles: 359467699
SizeOfExaminedFiles: 63985137624
SizeOfOpenedFiles: 1928814701
NotProcessedFiles: 0
AddedFolders: 103
TooLargeFiles: 0
FilesWithError: 0
ModifiedFolders: 0
ModifiedSymlinks: 0
AddedSymlinks: 0
DeletedSymlinks: 0
PartialBackup: False
Dryrun: False
MainOperation: Backup
ParsedResult: Warning
Version: 2.0.4.23 (2.0.4.23_beta_2019-07-14)
EndTime: 6/15/2020 10:58:58 AM (1592243938)
BeginTime: 6/15/2020 10:49:02 AM (1592243342)
Duration: 00:09:56.5508451
Log data:
2020-06-15 10:51:44 -07 - [Warning-Duplicati.Library.Main.Operation.Backup.FileBlockProcessor.FileEntry-PathProcessingFailed]: Failed to process path: c:\hiberfil.sys
System.UnauthorizedAccessException: (5) Access is denied: [\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy35\hiberfil.sys]
at Alphaleonis.Win32.NativeError.ThrowException(UInt32 errorCode, String readPath, String writePath)
at Alphaleonis.Win32.Filesystem.File.CreateFileCore(KernelTransaction transaction, String path, ExtendedFileAttributes attributes, FileSecurity fileSecurity, FileMode fileMode, FileSystemRights fileSystemRights, FileShare fileShare, Boolean checkPath, PathFormat pathFormat)
at Alphaleonis.Win32.Filesystem.File.OpenCore(KernelTransaction transaction, String path, FileMode mode, FileSystemRights rights, FileShare share, ExtendedFileAttributes attributes, Nullable1 bufferSize, FileSecurity security, PathFormat pathFormat) at Duplicati.Library.Snapshots.SystemIOWindows.FileOpenRead(String path) at Duplicati.Library.Main.Operation.Backup.FileBlockProcessor.<>c__DisplayClass1_0.<<Run>b__0>d.MoveNext() 2020-06-15 10:56:10 -07 - [Warning-Duplicati.Library.Main.Operation.Backup.FileBlockProcessor.FileEntry-PathProcessingFailed]: Failed to process path: c:\Users\lygos_admin\AppData\Local\Microsoft\WindowsApps\GameBarElevatedFT_Alias.exe System.IO.IOException: (1920) The file cannot be accessed by the system: [\\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy35\Users\lygos_admin\AppData\Local\Microsoft\WindowsApps\GameBarElevatedFT_Alias.exe] at Alphaleonis.Win32.NativeError.ThrowException(UInt32 errorCode, String readPath, String writePath) at Alphaleonis.Win32.Filesystem.File.CreateFileCore(KernelTransaction transaction, String path, ExtendedFileAttributes attributes, FileSecurity fileSecurity, FileMode fileMode, FileSystemRights fileSystemRights, FileShare fileShare, Boolean checkPath, PathFormat pathFormat) at Alphaleonis.Win32.Filesystem.File.OpenCore(KernelTransaction transaction, String path, FileMode mode, FileSystemRights rights, FileShare share, ExtendedFileAttributes attributes, Nullable1 bufferSize, FileSecurity security, PathFormat pathFormat)
at Duplicati.Library.Snapshots.SystemIOWindows.FileOpenRead(String path)
at Duplicati.Library.Main.Operation.Backup.FileBlockProcessor.<>c__DisplayClass1_0.<b__0>d.MoveNext()
2020-06-15 10:56:10 -07 - [Warning-Duplicati.Library.Main.Operation.Backup.FileBlockProcessor.FileEntry-PathProcessingFailed]: Failed to process path: c:\Users\lygos_admin\AppData\Local\Microsoft\WindowsApps\MicrosoftEdge.exe
System.IO.IOException: (1920) The file cannot be accessed by the system: [\?\GLOBALROOT\Device\HarddiskVolumeShadowCopy35\Users\lygos_admin\AppData\Local\Microsoft\WindowsApps\MicrosoftEdge.exe]
at Alphaleonis.Win32.NativeError.ThrowException(UInt32 errorCode, String readPath, String writePath)
at Alphaleonis.Win32.Filesystem.File.CreateFileCore(KernelTransaction transaction, String path, ExtendedFileAttributes attributes, FileSecurity fileSecurity, FileMode fileMode, FileSystemRights fileSystemRights, FileShare fileShare, Boolean checkPath, PathFormat pathFormat)
at Alphaleonis.Win32.Filesystem.File.OpenCore(KernelTransaction transaction, String path, FileMode mode, FileSystemRights rights, FileShare share, ExtendedFileAttributes attributes, Nullable`1 bufferSize, FileSecurity security, PathFormat pathFormat)
at Duplicati.Library.Snapshots.SystemIOWindows.FileOpenRead(String path)
at Duplicati.Library.Main.Operation.Backup.FileBlockProcessor.<>c__DisplayClass1_0.<b__0>d.MoveNext()

My previous invocation had “–snapshot-policy=off” and I was seeing warnings like:

2020-06-10 13:04:52 -07 - [Warning-Duplicati.Library.Main.Operation.Backup.FileEnumerationProcess-FileAccessError]: Error reported while accessing file: C:\Windows\System32\LogFiles\WMI\RtBackup
System.UnauthorizedAccessException: Access to the path ‘C:\Windows\System32\LogFiles\WMI\RtBackup’ is denied.

The above warnings/errors “look worse” to me than what I am seeing with the snapshot policy turned on.

Any ideas on how to eliminate these warnings/errors would be much appreciated. Like I mentioned, I can restore individual files and folders, so I’m not sure whether I should simply not be paying attention to these (?).

Thanks for your help!

Marshall

Hello and welcome to the forum! I see no one has responded to your message yet - sorry about that.

Even with snapshot policy on, you don’t want to back up files like pagefile.sys, hiberfil.sys, etc. I wish Duplicati would always exclude those files and not require the user to exclude manually.

I don’t know why some of the other files failed to back up, but I can tell you that Duplicati is not intended to do full system backups. You will not be able to do a bare metal restore (BMR), so there is no point in backing up operating system files or program files. Duplicati is really designed for user data.

Does knowing that affect your use case? If you need image level backups or the ability to do BMR, I recommend looking at alternate solutions.

Hi,

I ended up using the option “–exclude-files-attributes=Hidden,System,Temporary” and that appeared to do the trick. It wasn’t clear to me that Duplicati was not bare-metal restore capable, but I do not need that functionality on the hosts that I am backing up so no problem there.

Thanks for replying to my post!

Marshall

1 Like