BE 2010 R2 Crashes on server using Forefront Client Security
Hi,
We experience an issue on all our Windows 2008 R2 SP1 servers. BE 2010 R2 with the latest hotfixs is installed on 26 servers. They are also running with Forefront Client Security.
The problem is that the BE Service crashes simultaneously on all the servers, approximatively once a month. We noticed that at the same time Forfront started its daily full scan. We shifted the scan for 1 hour and observed a crash 1 hour later. So there is a link between Forefront and BE.
When it crashes, BE is doiing no job (no backup, no database maintenance ...).
The event log shows those messages :
First :
Nom du journal :Application Source : BEDBG Date : 13/09/2011 20:06:10 ID de l’événement :258 Catégorie de la tâche :(1) Niveau : Erreur Mots clés : Classique Utilisateur : N/A Ordinateur : xxxxxx Description : Process beserver.exe requested memory dump but the maximum number of memory dumps has already been reached. XML de l’événement : <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="BEDBG" /> <EventID Qualifiers="57346">258</EventID> <Level>2</Level> <Task>1</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2011-09-13T18:06:10.000000000Z" /> <EventRecordID>221622</EventRecordID> <Channel>Application</Channel> <Computer>xxxxxx</Computer> <Security /> </System> <EventData> <Data>beserver.exe</Data> </EventData> </Event>
Then :
Nom du journal :Application Source : Application Error Date : 13/09/2011 20:06:10 ID de l’événement :1000 Catégorie de la tâche :(100) Niveau : Erreur Mots clés : Classique Utilisateur : N/A Ordinateur : xxxxxx Description : Nom de l’application défaillante beserver.exe, version : 13.0.4164.119, horodatage : 0x4ddabb43 Nom du module défaillant : bemsdk.dll, version : 13.0.4164.119, horodatage : 0x4ddab9cd Code d’exception : 0xc0000005 Décalage d’erreur : 0x00000000000d970b ID du processus défaillant : 0x%9 Heure de début de l’application défaillante : 0x%10 Chemin d’accès de l’application défaillante : %11 Chemin d’accès du module défaillant: %12 ID de rapport : %13 XML de l’événement : <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Application Error" /> <EventID Qualifiers="0">1000</EventID> <Level>2</Level> <Task>100</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2011-09-13T18:06:10.000000000Z" /> <EventRecordID>221623</EventRecordID> <Channel>Application</Channel> <Computer>xxxxxx</Computer> <Security /> </System> <EventData> <Data>beserver.exe</Data> <Data>13.0.4164.119</Data> <Data>4ddabb43</Data> <Data>bemsdk.dll</Data> <Data>13.0.4164.119</Data> <Data>4ddab9cd</Data> <Data>c0000005</Data> <Data>00000000000d970b</Data> </EventData> </Event>
Furthermore, on 80% servers, BE is not restarting automatically. We need to manually kill the process LUGETUPDATES.exe then retart BE !!!
Is anyone encountering the same issues ?
Comments
Well I'd start by upgrading
Well I'd start by upgrading Backup Exec 2010 to the R3 version and patch it with latest patches after you have upgraded.
R3 works with yuor existing license keys and is available via the Trialware Link at
http://www.backupexec.com
Exclude the BE
Hi,
Is there any logs in the AV ....
You can exclude the entire BE(i.e. symantec) folder from scanning...
And aslo upgrade the BE to BE 2010R3
Thanks.
Remember, Kowledge & Wisdom always makes a person success.
Mrinal Sarkar
Howrah, India
Hi, Sorry for the gap between
Hi,
Sorry for the gap between your answers and this post.
So... There is no interesting log in the AV.
We tried to exclude all symantec folders from our scan policies, but... bad news, all our BE servers crashed yesterday, 30 days after the last crash. This is a recurring phenomena : BE crashes every month since january 2011 (except during the summer ! :-) )
I'd be a little bit disappointed if the only solution was to upgrade to R3, as we upgraded to R2 3 months ago to try to solve the same problem.
Regards.
Try the suggestion in this
Try the suggestion in this technote:
http://www.symantec.com/business/support/index?page=content&id=TECH128748
Exclude following files from Microsoft Forefront Client Security :-
C:\WINDOWS\System32\vssvc.exe
AOFO STORE
Also check if there are any updates for the MS Forefront Client.
If this response answers your concern, please mark it as a "solution"
Live update...
Hi,
Sorry for the late response...I busy in a project.
I have some query:-
1. Do u use Symantec Liveupdate. If yes, manually or scheduled?
2. If scheduled, what is the scheduled?
3. Does this scheduled is same date/time with the creshing date.
I have came to know that there is a issue with the Liveupdate and MS Forefont.
Just to have a knowledge check the below link:-
http://www.symantec.com/docs/TECH61286
Thanks.
Remember, Kowledge & Wisdom always makes a person success.
Mrinal Sarkar
Howrah, India
Any updates..
Hi,
Any updates....
Have u figured out any solution...
Thanks..
Remember, Kowledge & Wisdom always makes a person success.
Mrinal Sarkar
Howrah, India
Would you like to reply?
Login or Register to post your comment.