Date

Unexpected error calling routine ConvertStringSidToSid

Issue

System State backup failed with error: ‘Unexpected error calling routine ConvertStringSidToSid

Observation

  • System State backup failed with error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-11xxxxxxxx-176xxxxxxxx-72xxxxxxxx-190xxxx.bak). hr = 0x80070539
  • In Windows Registry at location: ‘HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList‘, there are multiple backup User Profile.

Eg:

S-1-5-21-11xxxxxxxx-176xxxxxxxx-72xxxxxxxx-190xxxx.bak

Error in Application logs:

Log Name: Application

Source: VSS

Event ID: 8193

Level: Error

Keywords: Classic

Description:

Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-11xxxxxxxx-176xxxxxxxx-72xxxxxxxx-190xxxx.bak). hr = 0x80070539, The security ID structure is invalid.

Cause

This error was caused because there are backup copy of User Profile in Windows Registry at HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList (<User_SID>.bak, eg. S-1-5-21-11xxxxxxxx-176xxxxxxxx-72xxxxxxxx-190xxxx.bak). Since the profile folder is deleted from system, Volume Shadow Copy service could not locate profile folder using ProfileImagePath

Solution

  • Take a backup of the HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList registry by exporting this key to other location.
  • Delete any subkey under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\ProfileList  that has a .bak appended to the end of the SID.

Example:

S-1-5-21-11xxxxxxxx-176xxxxxxxx-72xxxxxxxx-190xxxx.bak

  • Reboot the System
  • Initiate the System State backup again

Additional Information

This error may occur if the user profile folder was deleted manually. A profile folder that is deleted manually does not remove the Security Identifier (SID) from the profile list in the registry

If the SID is present, Windows will try to load the profile by using the ProfileImagePath that points to the nonexistent path. Therefore, the profile cannot be loaded

To prevent this issue from happening in future, please delete User profiles manually from System Properties. 

1.     Delete the profile by using the Computer Properties dialog box. To do this, follow these steps:

a.     Click Start, right-click Computer, and then click Properties.

b.     Click Change settings.

c.     In the System Properties dialog box, click the Advanced tab.

d.     In the User Profiles area, click Settings.

e.     In the User Profiles dialog box, select the profile that you want to delete, click Delete, and then click OK.

AZmachina

Knowledge Shared = Knowledge2

We have created AZmachina blog to share our knowledge on Docker & Container and Kubernetes on Windows Servers with curious and enthusiastic novice learner. We hope that this will help them to take a swim in this vast ocean of Window Containers and Kubernetes

Happy Learning !
Recent Posts
Categories
Docker & Container
KUBERNETES
WINDOWS SERVER
BACK & RECOVERY
Archives
Sumeet Kumar

Sumeet Kumar

I am Windows Core Engineer with 7+ years of experience in Windows Hyper-v, Failover Cluster, Windows Storage, Volume Shadow Copy (VSS), Docker & Containers on Windows Servers, Backup & Recovery, VMware vSphere EXSi & vCenter Server

RELATED

Articles

Leave a Reply

Your email address will not be published. Required fields are marked *