Hello all, I'm having a lot of Event id 577 in a Windows Server 2003 x86 EE SP2. The privilege is not about SeTcbPrivilege, but about SeManageVolumePrivilege The user that is in this event, its a domain user and used in a application pool. Also for NTLM authentication for a website. I've also tried NTrights.exe to set that privilege in that server, for this specific user. The command succeed but the error persist. I think that this error is causing the website running under this user not working well. Regards

I'm posting in the wrong forum? Regards

Hi, SeManageVolumePrivilege: Allows a non-administrative or remote user to manage volumes or disks. The operating system checks for the privilege in a users access token when a process running in the users security context calls SetFileValidData(). Please try to use clean-boot using msconfig. Rebooted the compter. Hope this helps! Best regards Elytis ChengElytis Cheng TechNet Community Support

Hi Elytis, I can't reboot the server. Its on production. Any other suggestion? Regards -- Saimo

- be sure to check first with WHOAMI /ALL that the user really has the privilege in his list of privileges - you can accomplish the test by starting CMD under that user account and typing the WHOAMI /All. If you are sure, then you need to restart at least the application pools or anything that runs under the user's identity. - if the sole appPool restart does not help, you must restart the whole server o.

Hi Ondrej, Checked WHOAMI /ALL on the server and the user indeed doesn't have the SeManageVolumePrivilege privilege. Tried from another machine that I have Resource Kit installed. C:\Program Files\Windows Resource Kits\Tools>ntrights.exe -u user -m \\server.domain +r SeManageVolumePrivilege Granting SeManageVolumePrivilege to user on \\server.domain... successful But still whaomi /all show SeManageVolumePrivilege as Disabled.... How can we change this? Regards -- Saimo

are you on Windows 2003? Why not you go into Local Security Policy and do the same in User Rights Assignment. You also need to log off all instances of the user's logon sessions - meaning kill all processes that are running under that user account or rather restart the whole machine. o.

Sorry for the delay. Checked Local Security Policy. User is added to "Perform volume maintenance tasks". Maybe an reboot is needed this take effect. I will plan an reboot and let you know. Regards -- Saimo

Hi, How is everything going? Best RegardsElytis Cheng TechNet Community Support