Need help debugging SMB problem


pokeefe0001

Well-known member
Member
VIP
Local time
12:46 AM
Posts
217
Location
Pacific Northwest USA
OS
Windows 11
I use Macrium Reflect to take 2 backups daily to a NAS on each of 5 Windows computers. On one PC, one of these backups often fails with Reflect reporting a credentials problem. Often it's the first of the two backups, but sometimes it's both, and sometimes the first succeeds but the second fails. The backups always run fine on a manual retry. All backups run fine on the other 4 computers. All of these backups, whether scheduled or manually started run in the background under the SYSTEM userid - specifically "NT AUTHORITY\SYSTEM".

This could be the Windows SMB restriction that a given userid can have only one one set of credentials for a destination NAS. Maybe some process, running under SYSTEM, is opening an SMB connection to the NAS with some other set of credentials, but I don't know of any such access to the NAS, and I never see that other connection in a Get-SmbConnection display.

I've run some packet traces - Wireshark and NETSH TRACE - capturing the connection setup of both failing and successful connections. Both look weird to me: a bunch of failing attempts specifying a blank userid before (in the successful setups) sending a request specifying the correct userid. I don't know if this is something unique to Reflect's use of SMB or if all connection setups look like this. I could obviously trace the setup of a File Explorer connection to the NAS, but that would be under my userid, not SYSTEM, and I need to see how it works under SYSTEM. Is there some tool that will start an SMB connection under System. (Yes, I know. It's called Macrium Reflect, Acronis True Image, etc. I mean some other tool. Some simple tool.)

I've opened a problem ticket with Macrium but none of their suggestions have worked. The fact that this is working fine on my 4 other computers (and every other computer in the whole world using Reflect to backup to a NAS) implies this is not a bug in Reflect, but it could be something gone wrong in my installation. A "repair" reinstall didn't help.

I'm running out of ideas. anyone have any suggestions?
 
Windows Build/Version
Win11 Pro 21H2 build 22000.795

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Microsoft
    CPU
    Intel Core i5-8400
    Motherboard
    ASUS PRIME H370-PLUS
    Memory
    16GB
    Graphics Card(s)
    Intel UHD Graphics 630
    Sound Card
    On board
    Monitor(s) Displays
    Samsung SyncMaster 2043BWX
    Screen Resolution
    1680 x 1050
    Hard Drives
    Samsung SSD 850 256GB
    WDC 1TB NVMe
    WD 3TB external USB drive
    PSU
    I don't remember
    Case
    Corsair something-or-other
    Cooling
    Air CPU + 2 case fans
    Keyboard
    DAS S Pro (Cherry Brown)
    Mouse
    Logitech USB of some sort
The only thing I can suggest to try is uninstall Macrium using the free version of Revo Installer. There is an installer as well as a portable version.
Revo will give you the option of removing any leftover files and registry entries. When it gets to the 'scan' stage of the uninstall process, choose the advanced option. Be sure to choose to remove any leftover files or registry entries it finds.
Then restart the computer and reinstall Macrium. Build your schedule again.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2 22631.3296
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell Optiplex 7080
    CPU
    i9-10900 10 core 20 threads
    Motherboard
    DELL 0J37VM
    Memory
    32 gb
    Graphics Card(s)
    none-Intel UHD Graphics 630
    Sound Card
    Integrated Realtek
    Monitor(s) Displays
    Benq 27
    Screen Resolution
    2560x1440
    Hard Drives
    1tb Solidigm m.2 +256gb ssd+512 gb usb m.2 sata
    PSU
    500w
    Case
    MT
    Cooling
    Dell Premium
    Keyboard
    Logitech wired
    Mouse
    Logitech wireless
    Internet Speed
    so slow I'm too embarrassed to tell
    Browser
    Firefox
    Antivirus
    Defender+MWB Premium
  • Operating System
    Windows 10 Pro 22H2 19045.3930
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell Optiplex 9020
    CPU
    i7-4770
    Memory
    24 gb
    Monitor(s) Displays
    Benq 27
    Screen Resolution
    2560x1440
    Hard Drives
    256 gb Toshiba BG4 M.2 NVE SSB and 1 tb hdd
    PSU
    500w
    Case
    MT
    Cooling
    Dell factory
    Mouse
    Logitech wireless
    Keyboard
    Logitech wired
    Internet Speed
    still not telling
    Browser
    Firefox
    Antivirus
    Defender+MWB Premium
The only thing I can suggest to try is uninstall Macrium using the free version of Revo Installer. There is an installer as well as a portable version.
Revo will give you the option of removing any leftover files and registry entries. When it gets to the 'scan' stage of the uninstall process, choose the advanced option. Be sure to choose to remove any leftover files or registry entries it finds.
I'll probably have to give that a try. But not today since I'm run lots of backups on Mondays. (Most of which work with no problem.)
Then restart the computer and reinstall Macrium. Build your schedule again.
I think I can export and import most of my schedules. It's only two of them that have problems.

On the other hand, I would really like to know how to diagnose the SMB problem. In particular, I would really like to see what a "normal" setup of a connection under SYSTEM looks like. Maybe all SMB connection setups under SYSTEM look as odd as the Reflect setup but I would like to verify that. I think I could schedule something to run under SYSTEM, but I don't know anything other than File Explorer and backup software that starts SMB connections. Hmm. Maybe I could schedule a "net use" command to run under SYSTEM and see what happens.

Bonehead question: When I run something from an elevated command prompt that just runs under my userid with admin properties doesn't it? So that wouldn't be a valid test. I really need this to run under
"NT AUTHORITY\SYSTEM".
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Microsoft
    CPU
    Intel Core i5-8400
    Motherboard
    ASUS PRIME H370-PLUS
    Memory
    16GB
    Graphics Card(s)
    Intel UHD Graphics 630
    Sound Card
    On board
    Monitor(s) Displays
    Samsung SyncMaster 2043BWX
    Screen Resolution
    1680 x 1050
    Hard Drives
    Samsung SSD 850 256GB
    WDC 1TB NVMe
    WD 3TB external USB drive
    PSU
    I don't remember
    Case
    Corsair something-or-other
    Cooling
    Air CPU + 2 case fans
    Keyboard
    DAS S Pro (Cherry Brown)
    Mouse
    Logitech USB of some sort
If I understand it correctly, when you something as administrator it's at the highest possible privileges that a user can run. Someone correct me if I'm wrong here.
 

My Computers

System One System Two

  • OS
    Windows 11 Pro 23H2 22631.3296
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell Optiplex 7080
    CPU
    i9-10900 10 core 20 threads
    Motherboard
    DELL 0J37VM
    Memory
    32 gb
    Graphics Card(s)
    none-Intel UHD Graphics 630
    Sound Card
    Integrated Realtek
    Monitor(s) Displays
    Benq 27
    Screen Resolution
    2560x1440
    Hard Drives
    1tb Solidigm m.2 +256gb ssd+512 gb usb m.2 sata
    PSU
    500w
    Case
    MT
    Cooling
    Dell Premium
    Keyboard
    Logitech wired
    Mouse
    Logitech wireless
    Internet Speed
    so slow I'm too embarrassed to tell
    Browser
    Firefox
    Antivirus
    Defender+MWB Premium
  • Operating System
    Windows 10 Pro 22H2 19045.3930
    Computer type
    PC/Desktop
    Manufacturer/Model
    Dell Optiplex 9020
    CPU
    i7-4770
    Memory
    24 gb
    Monitor(s) Displays
    Benq 27
    Screen Resolution
    2560x1440
    Hard Drives
    256 gb Toshiba BG4 M.2 NVE SSB and 1 tb hdd
    PSU
    500w
    Case
    MT
    Cooling
    Dell factory
    Mouse
    Logitech wireless
    Keyboard
    Logitech wired
    Internet Speed
    still not telling
    Browser
    Firefox
    Antivirus
    Defender+MWB Premium
But for the sake of SMB connections, the issue is not authority or priveledges; it's userid. For any given userid there can be only one set of network connections in use for a remote NAS. Trying to set up another connection under that userid to that NAS with different credentials will fial. (And that's the error I'm getting with Macrium Reflect). In testing this, I need that userid to be SYSTEM. I doubt Windows does anything special when setting up an SMB connection for SYSTEM, but if it were to any special case, I suspect that special case would be for SYSTEM.
 

My Computer

System One

  • OS
    Windows 11
    Computer type
    PC/Desktop
    Manufacturer/Model
    Microsoft
    CPU
    Intel Core i5-8400
    Motherboard
    ASUS PRIME H370-PLUS
    Memory
    16GB
    Graphics Card(s)
    Intel UHD Graphics 630
    Sound Card
    On board
    Monitor(s) Displays
    Samsung SyncMaster 2043BWX
    Screen Resolution
    1680 x 1050
    Hard Drives
    Samsung SSD 850 256GB
    WDC 1TB NVMe
    WD 3TB external USB drive
    PSU
    I don't remember
    Case
    Corsair something-or-other
    Cooling
    Air CPU + 2 case fans
    Keyboard
    DAS S Pro (Cherry Brown)
    Mouse
    Logitech USB of some sort

Latest Support Threads

Back
Top Bottom