Windows system32 logfiles sum current mdb

Sys-Admin Forum


Initial data:
- Computer/server configuration: AMD Athlon II X3 440/RAM 8Gb/2 x HDD 500GB + 2 x SSD Samsung 850 EVO 250GB/Video Palit NVIDIA GeForce 210 512 Mb
- Windows 2012R2 is installed with all updates and with the terminal services role (terminal server)
- MS SQL 2012R2 and 1C:Enterprise 8.2 are also installed
- The HDDs are combined into a software array by means of the OS (drive C), and the two SSDs are also combined into an array (drive D). The system is on drive C, and the SQL databases for 1C are on drive D.

Problem:

Quote:

From time to time, or rather always, the whole of Windows hangs, as if it freezes for 5-10 seconds, while the mouse cursor still moves. Then it unfreezes and works. This repeats: at first everything is fine for a minute, and then it lags, explorer and programs do not respond, but the mouse cursor moves during the 5-10 second freeze.

The following message appears in the logs:
1.
Quote:

svchost (1680) Запрос на чтение файла «C:\Windows\system32\LogFiles\Sum\Current.mdb» со смещением 151552 (0x0000000000025000) размером 4096 (0x00001000) байт не был выполнен в течение 36 с. Скорее всего, данная проблема связана с неисправным оборудованием. За помощью в диагностике проблемы обращайтесь к поставщику оборудования.

2.
Quote:

svchost (1680) Запрос на запись в файл «C:\Windows\system32\LogFiles\Sum\Svc.log» со смещением 929792 (0x00000000000e3000) размером 4096 (0x00001000) байт выполнен, но его выполнение ОС заняло слишком много времени (60 секунд). Кроме того, с тех пор как последнее сообщение об этой ошибке было возвращено 7559 секунд назад, выполнение 0 других запросов ввода-вывода из этого файла также заняло слишком много времени. Вероятно, эта ошибка вызвана сбоем оборудования. Обратитесь к поставщику оборудования, чтобы точно установить причину ошибки.

3.
Quote:

svchost (1680) Запрос на запись в файл «C:\Windows\system32\LogFiles\Sum\Svc.log» со смещением 929792 (0x00000000000e3000) размером 4096 (0x00001000) байт не был выполнен в течение 36 с. Скорее всего, данная проблема связана с неисправным оборудованием. За помощью в диагностике проблемы обращайтесь к поставщику оборудования.

4.
Quote:

Служба «Диспетчер настройки устройств» перешла в состояние Остановлена.

Quote:

Служба «Диспетчер настройки устройств» перешла в состояние Работает.

Here is the info from the sensors:
Свойства датчика

Quote:

Тип датчика    ITE IT8728F (ISA 228h)
Тип датчика ГП    Diode (NV-Diode)
Системная плата    Gigabyte 890GPA-UD3H / 970A / 990FXA / 990XA / A55 / A75 Series
Обнаружено вскрытие корпуса    Да

     Температуры

Quote:

Системная плата    27 °C (81 °F)
ЦП    25 °C (77 °F)
ЦП 1 / Ядро 1    25 °C (77 °F)
ЦП 1 / Ядро 2    25 °C (77 °F)
ЦП 1 / Ядро 3    25 °C (77 °F)
Северный мост    38 °C (100 °F)
Диод ГП    32 °C (90 °F)
ST3500413AS (5VMRNLG4)    32 °C (90 °F)
ST3500413AS (5VMPW0XE)    31 °C (88 °F)
Samsung SSD 850 EVO 250GB (S21MNSAG105418D)    30 °C (86 °F)
Samsung SSD 850 EVO 250GB (S21MNSAG105379Z)    30 °C (86 °F)

          Напряжения

Quote:

Ядро ЦП    1.320 V
+3.3 V    3.344 V
+5 V    5.040 V
+12 V    12.024 V
DIMM    1.488 V
Ядро ГП    1.050 V

Before this I replaced the motherboard and the RAM, keeping only the processor. The system is only two weeks old.

I am thinking of reinstalling Windows 2012R2 completely or installing the older and probably stable 2008R2.

Author: AkeHayc
Post date: 20.04.2015 20:18

I have just updated the firmware of the hard drives; tomorrow I will check the PC for freezes.

Author: ipmanyak
Post date: 22.04.2015 11:14

Author: AkeHayc
Post date: 26.04.2015 06:11

Thanks for the link, I found out that this is caused by the Acronis disk monitor service.
I removed it and everything became normal.


Forum Ru-Board.club, brought up on 15-09-2016. The goal is to preserve the legacy of the old Ru-Board and the history of how the Russian internet took shape. Made for people.

Updated 18.08.2016

How to resolve error 490, error 455, error 489 in Windows Server 2012 R2

Hello everyone. Today I will explain how to resolve error 490, error 455 and error 489 in Windows Server 2012 R2. In essence, each of these errors comes down to one solution. Let's look at the text of the errors in more detail.

Event ID 455: sqlservr (5216) Ошибка -1032 (0xfffffbf8) при открытии файла журнала C:\Windows\system32\LogFiles\Sum\Api.log

Event ID 489: sqlservr (5216) Не удалось открыть файл «C:\Windows\system32\LogFiles\Sum\Api.log» только для чтения, системная ошибка 5 (0x00000005): «Отказано в доступе. ».  Операция открытия файла не будет выполнена, ошибка: -1032 (0xfffffbf8).

Event ID 490: sqlservr (5216) Не удалось открыть файл «C:\Windows\system32\LogFiles\Sum\Api.chk» для чтения и записи, системная ошибка 5 (0x00000005): «Отказано в доступе. ».  Операция открытия файла не будет выполнена, ошибка: -1032 (0xfffffbf8).

Here are screenshots of these errors.

We can see that in each case MS SQL 2012 cannot get into the folder C:\Windows\system32\LogFiles\Sum. There are two solutions here: disable UAC for the account under which Microsoft SQL 2012 runs, or, the more correct one, grant access rights on this folder to the account under which SQL Server runs.

That is how simply error 490, error 455 and error 489 are resolved in Windows Server 2012 R2.

Material from the site pyatilistnik.org

Aug 18, 2016 23:01

Hi.

We have a SQL Server cluster A/B/C.

A and B have 4 SQL Server 2014 instances and 1 SQL Server 2012 instance.

C has 2 SQL Server 2014 instances (a sync replica).

Everything ran well until I installed a new SQL Server 2016 instance. It was fine at the beginning, but Server B crashed that night.

The second day I disabled SQL Server 2016 and rebooted the B node 4 times, and it crashed 4 times when available memory dropped to roughly 40GB. As long as I limit the total max SQL Server memory setting to total RAM - 50GB, it runs well.

Also we found the error "Failed to update Replica status within the local Windows Server Failover Clustering (WSFC) due to exception 410**." in the SQL Server log, which is quite similar to this case:

https://social.msdn.microsoft.com/Forums/sqlserver/en-US/05d4f0b0-c0a2-45bb-b9cd-5a24b746c92c/failed-to-update-replica-status-within-the-local-windows-server-failover-clustering-wsfc-due-to?forum=sqldisasterrecovery

So we thought it might be a RAM problem and replaced the RAM; however, it did not help, and it still crashes when available memory drops to 40GB.

Has anyone had a similar issue before?

The symptom is that when the available memory drops to 40GB, all connections to that server drop, and we can only log in from the DRAC console:

Event Log:

1.

svchost (3048) An attempt to write to the file "C:\Windows\system32\LogFiles\Sum\Svc.log" at offset 1773568 (0x00000000001b1000) for 4096 (0x00001000) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Insufficient quota to complete the requested service. ".  The write operation will fail with error -1011 (0xfffffc0d).  If this error persists then the file may be damaged and may need to be restored from a previous backup.

2.

svchost (3048) Unable to write to section 2 while flushing logfile C:\Windows\system32\LogFiles\Sum\Svc.log. Error -1011 (0xfffffc0d).

3.

svchost (3048) The logfile sequence in "C:\Windows\system32\LogFiles\Sum" has been halted due to a fatal error.  No further updates are possible for the databases that use this logfile sequence.  Please correct the problem and restart or restore from backup.

4.

svchost (3048) Unable to rollback operation #28998049 on database C:\Windows\system32\LogFiles\Sum\Current.mdb. Error: -510. All future database updates will be rejected.

SQL Server starts to crash.

5.

The background checkpoint thread has encountered an unrecoverable error. The checkpoint process is terminating so that the thread can clean up its resources. This is an informational message only. No user action is required.

6.

The local availability replica of availability group ‘SQL**AG’ is in a failed state.  The replica failed to read or update the persisted configuration data (SQL Server error: 41029).  To recover from this failure, either restart the local Windows Server Failover Clustering (WSFC) service or restart the local instance of SQL Server.

In SQL Server log:

1.

AlwaysOn: The local replica of availability group ‘**AG’ is preparing to transition to the resolving role in response to a request from the Windows Server Failover Clustering (WSFC) cluster. This is an informational message only. No user action is required.

2.

The availability group ‘**AG’ is being asked to stop the lease renewal because the availability group is going offline. This is an informational message only. No user action is required.

3.

The state of the local availability replica in availability group ‘**AG’ has changed from ‘PRIMARY_NORMAL’ to ‘RESOLVING_NORMAL’.  The state changed because the availability group is going offline.  The replica is going offline because the associated availability group has been deleted, or the user has taken the associated availability group offline in Windows Server Failover Clustering (WSFC) management console, or the availability group is failing over to another SQL Server instance.  For more information, see the SQL Server error log, Windows Server Failover Clustering (WSFC) management console, or WSFC log.

4.

DbMgrPartnerCommitPolicy::SetSyncState: 00000014ACDBD360:4

5.

AlwaysOn Availability Groups connection with secondary database terminated for primary database ‘db***’ on the availability replica ‘**Server-1CINSTANCE2’ with Replica ID: {52bbb123-6d62-4e35-b364-371c2c79fc74}. This is an informational message only. No user action is required.

All AGs' roles change to "Resolving" on that box.

As "Insufficient quota to complete the requested service" is the first error to appear in the log when the issue occurs, it makes sense if a stick of RAM failed when available memory drops to 40GB, but we have replaced the RAM. Has anyone had a similar issue? Can you please share your experience?

Thanks,

Albert

On every restart of a new Windows Server 2012 R2 Essentials machine, I get several instances of the following errors in the Application event log:

Log Name:      Application
Source:        ESENT
Event ID:      490
Level:         Error
Description:
svchost (3536) An attempt to open the file "C:\Windows\system32\LogFiles\Sum\Api.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).

Log Name:      Application
Source:        ESENT
Event ID:      490
Level:         Error
Description:
svchost (3536) An attempt to open the file "C:\Windows\system32\LogFiles\Sum\SystemIdentity.mdb" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).

MSKB 2811566 and this Connect bug discuss SQL Server causing this issue. But the error says it’s coming from svchost (3536). Using Sysinternals Process Explorer, I learned that this PID is actually hosting the Remote Desktop Gateway service. I confirmed this by stopping and starting that service; the errors repeated.

Workaround

The Remote Desktop Gateway service runs using the Network Service account. Once I gave that account Modify permissions on

C:\Windows\system32\LogFiles\Sum

the ESENT 490 errors stopped. Instead, I get these messages when starting the Remote Desktop Gateway service:

Log Name:      Application
Source:        ESENT
Event ID:      326
Level:         Information
Description:
svchost (7704) The database engine attached a database (1, C:\Windows\system32\LogFiles\Sum\SystemIdentity.mdb). (Time=0 seconds)

Log Name:      Application
Source:        ESENT
Event ID:      327
Level:         Information
Description:
svchost (7704) The database engine detached a database (1, C:\Windows\system32\LogFiles\Sum\SystemIdentity.mdb). (Time=0 seconds)
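
The triage done by hand in the error 455/489/490 article and in the Remote Desktop Gateway post above, as an added example (not code from any of the quoted authors): it parses ESENT descriptions of the form quoted on this page, extracts the reporting process and PID (the value that was mapped to a service with Process Explorer), and sorts events by the causes discussed here. The sample events, function names and cause labels are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample: ESENT descriptions modelled on the events quoted on this page.
SAMPLE_EVENTS = [
    r'svchost (3536) An attempt to open the file "C:\Windows\system32\LogFiles\Sum\Api.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).',
    r'sqlservr (5216) An attempt to open the file "C:\Windows\system32\LogFiles\Sum\Api.log" for read only access failed with system error 5 (0x00000005): "Access is denied. ".  The open file operation will fail with error -1032 (0xfffffbf8).',
    r'svchost (3048) An attempt to write to the file "C:\Windows\system32\LogFiles\Sum\Svc.log" at offset 1773568 (0x00000000001b1000) for 4096 (0x00001000) bytes failed after 0.000 seconds with system error 1453 (0x000005ad): "Insufficient quota to complete the requested service. ".  The write operation will fail with error -1011 (0xfffffc0d).',
    r'svchost (3396) The database page read from the file "C:\Windows\system32\LogFiles\Sum\Current.mdb" at offset 3166208 (0x0000000000305000) (database page 772 (0x304)) for 4096 (0x00001000) bytes failed verification due to a lost flush detection timestamp mismatch. The read operation will fail with error -1119 (0xfffffba1).',
    r'svchost (7704) The database engine attached a database (1, C:\Windows\system32\LogFiles\Sum\SystemIdentity.mdb). (Time=0 seconds)',
]

PROC_RE = re.compile(r'^(\S+) \((\d+)\)')            # "svchost (3536)"
PATH_RE = re.compile(r'([A-Za-z]:\\[^"(),]+?\.(?:mdb|log|chk))', re.IGNORECASE)
SYSERR_RE = re.compile(r'system error (\d+)')        # Win32 error code
ESEERR_RE = re.compile(r'with error (-\d+)')         # ESE (database engine) error code

def classify(sys_err, ese_err):
    """Map error codes to the causes discussed on this page (labels are illustrative)."""
    if sys_err == 5:
        return "acl"         # access denied: the service account lacks rights on the Sum folder
    if sys_err == 1453:
        return "resource"    # insufficient quota: check memory / nonpaged pool pressure
    if ese_err == -1119:
        return "corruption"  # lost flush: a database page failed verification
    return "info" if sys_err is None and ese_err is None else "other"

def parse_event(description):
    """Extract process, PID, file path and error codes from one ESENT description."""
    proc = PROC_RE.search(description)
    path = PATH_RE.search(description)
    sys_m = SYSERR_RE.search(description)
    ese_m = ESEERR_RE.search(description)
    sys_code = int(sys_m.group(1)) if sys_m else None
    ese_code = int(ese_m.group(1)) if ese_m else None
    return {
        "process": proc.group(1) if proc else None,
        "pid": int(proc.group(2)) if proc else None,
        "file": path.group(1) if path else None,
        "system_error": sys_code,
        "ese_error": ese_code,
        "cause": classify(sys_code, ese_code),
    }

def accounts_to_check(events):
    """Group access-denied events by (process, PID). Each key is a service whose
    account needs rights on the Sum folder; it is not necessarily SQL Server."""
    owners = defaultdict(set)
    for ev in map(parse_event, events):
        if ev["cause"] == "acl":
            owners[(ev["process"], ev["pid"])].add(ev["file"])
    return {key: sorted(files) for key, files in owners.items()}

if __name__ == "__main__":
    for ev in map(parse_event, SAMPLE_EVENTS):
        print(ev["cause"], ev["process"], ev["pid"], ev["file"])
    print(accounts_to_check(SAMPLE_EVENTS))
```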


  • Hello,

    My AD is built from 5 writable and 2 read-only DCs. One of the DCs is a VM. We moved it from one store to another, which caused an AD DB corruption.

    The error in the event viewer states (it is logged every 30 or so sec with a different db page):

    svchost (3396) The database page read from the file "C:\Windows\system32\LogFiles\Sum\Current.mdb" at offset 3166208 (0x0000000000305000) (database page 772 (0x304)) for 4096 (0x00001000) bytes failed verification due to a lost flush detection timestamp mismatch. The read operation will fail with error -1119 (0xfffffba1).  If this condition persists, restore the database from a previous backup.  This problem is likely due to faulty hardware. Please contact your hardware vendor for further assistance diagnosing the problem.

    Can you please let me know if:

    - I should stop the AD service?

    - I should attempt to use ntdsutil despite the indication of restore?

    - shall I try to move the VM to the original store or attempt to fix it where it is? (I have seen a post on a forum and apparently this fixed the issues, but I want to make sure I won't break it more)

    - shall I try to restore AD or simply demote and promote the server

    - if I restore the AD on this server from yesterday's backup, how will the other DCs react? Won't I break the AD?

    Thanks in advance

Answers

  • What would be the consequence of removing the current.mdb file? What do I need to be aware of?

    Looks like you’ll lose the history UAL has captured. Chances are good you don’t even use it.

    https://technet.microsoft.com/en-us/library/hh849634(v=ws.11).aspx

     stop the User Access Logging Service (UALSVC) delete all the files in;

    C:\Windows\System32\LogFiles\Sum\

    start the service back up.


    Regards, Dave Patrick ….
    Microsoft Certified Professional
    Microsoft MVP [Windows Server] Datacenter Management

    Disclaimer: This posting is provided "AS IS" with no warranties or guarantees, and confers no rights.

    • Edited by

      Wednesday, October 25, 2017 10:49 PM

    • Proposed as answer by
      William Liang (Microsoft contingent staff)
      Thursday, October 26, 2017 1:27 AM
    • Marked as answer by
      Pifco19
      Thursday, October 26, 2017 9:16 AM

‎Nov 03 2020

10:57 PM

Hi There

Our file server (Windows 2016) frequently becomes non-responsive and needs a reboot to get it working again.

When I checked Event Viewer I found in the Application log that

svchost((636)SoftwareUsageMetrics-Svc:An attempt to write the file C:\Windows\system32\LogFIles\Sum\Current.mdb at offset 921600(0x00000000000e1000) for 4096 bytes failed after 0.034 seconds with systemerror 1453: Insufficient quota to complete the requested service. The write operation will fail with error 1011


17 Replies

‎Nov 04 2020

09:23 AM

The file may be corrupt. You could stop the User Access Logging Service (UALSVC) delete all the files in;

C:\Windows\System32\LogFiles\Sum\

start the service back up.

‎Nov 04 2020

03:09 PM

@Dave Patrick  thanks for the suggestion.. I will try it and update how it goes

‎Nov 04 2020

03:30 PM

You’re welcome.

(please don’t forget to mark helpful replies)

‎Nov 04 2020

04:52 PM

@Dave Patrick Unfortunately the issue came back with the event id 481 and 482 logged for SystemIdentity.mdb and current.mdb

‎Nov 09 2020

08:24 PM

@Dave Patrick  As suggested disabled UAL service, Windows update service as well but still no luck.

Symptoms: The memory usage increases and the server becomes non responsive finally. The CPU usage spikes. Once rebooted the memory usage comes down but it increases again…

But when I checked if the memory usage for any process increases as well, I could not find any significant increase in the memory usage of any process, but the total memory usage is increasing..

It's the VM in VMware..

‎Nov 11 2020

09:33 PM

Hi Dave

When I checked further I found that ntfs.sys is using huge Nonpaged pool Memory..

Thanks
Dil

‎Sep 14 2021

02:54 AM

Hello,

We get the same error, did you find a solution?

Lilian.

‎Sep 14 2021

04:45 AM

We did build the new server

‎Sep 14 2021

04:48 AM

Please check if any particular drive is having a problem

‎Sep 14 2021

04:56 AM

@DilKS85 

Arrrgggg… this is our TSE VM… no drive problem…

We will do that in last time…

Thx’s

‎Sep 14 2021

05:23 AM

@null null 

Our file server was also VM but we had extra Data drive as well.

Since it was mainly due to nonpaged pool memory growing and only option to release the memory was to restart the machine,

If you have not checked yet, please check the process consuming the memory

in our case it  was ntfs.sys

‎Mar 23 2022

09:23 PM

@DilKS85

We have exactly this issue, the server seems to run out of resources then needs a reboot
I’m not sure which process it is

Did anyone have a fix?

‎Sep 26 2022

08:28 AM

Hello,
I’ve been having the same problem for weeks. I tested on several vm and still the same problem.
Has anyone been able to fix this problem of memory dump and having to restart the server for it to work again?
Thanks

‎Sep 26 2022

10:57 AM

@kamsysyskam 

We ended up having to deploy a new server with fresh install 

No issues after that.

Not what you want to hear I know !


KStrike

Stand-alone parser for User Access Logging from Server 2012 and newer systems

This script will parse data from the User Access Logging files contained on Windows Server 2012 and newer systems, found under the path "\Windows\System32\Logfiles\SUM" (please visit the KPMG blog post at https://advisory.kpmg.us/blog/2021/digital-forensics-incident-response.html for more details). For documentation on these files, please visit the official documentation page at https://docs.microsoft.com/en-us/windows-server/administration/user-access-logging/manage-user-access-logging

Usage

Run the script from the command line, after you have extracted the database files from the SUM folder. This script will work with Python 2 or Python 3. It has also been tested on the most recent SIFT workstation release.

This script will parse on-disk User Access Logging found on Windows Server 2012
and later systems, found under the path "\Windows\System32\Logfiles\SUM"
The output is double pipe || delimited

Example usage: KStrike.py SYSTEMNAME\Current.mdb > Current_mdb.txt

This script has been tested on the following systems:

  • Windows
  • macOS
  • *nix

REQUIREMENTS:

  • libesedb (pyesedb) (https://github.com/libyal/libesedb)

GitHub

https://github.com/brimorlabs/KStrike
