On every restart of a new Windows Server 2012 R2 Essentials machine, I get several instances of the following errors in the Application event log:
Log Name: Application
Source: ESENT
Event ID: 490
Level: Error
Description:
svchost (3536) An attempt to open the file "C:\Windows\system32\LogFiles\Sum\Api.chk" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).
Log Name: Application
Source: ESENT
Event ID: 490
Level: Error
Description:
svchost (3536) An attempt to open the file "C:\Windows\system32\LogFiles\Sum\SystemIdentity.mdb" for read / write access failed with system error 5 (0x00000005): "Access is denied. ". The open file operation will fail with error -1032 (0xfffffbf8).
MSKB 2811566 and this Connect bug discuss SQL Server causing this issue. But the error says it’s coming from svchost (3536). Using Sysinternals Process Explorer, I learned that this PID is actually hosting the Remote Desktop Gateway service. I confirmed this by stopping and starting that service; the errors repeated.
Workaround
The Remote Desktop Gateway service runs using the Network Service account. Once I gave that account Modify permissions on
C:\Windows\system32\LogFiles\Sum
the ESENT 490 errors stopped. Instead, I get these messages when starting the Remote Desktop Gateway service:
Log Name: Application
Source: ESENT
Event ID: 326
Level: Information
Description:
svchost (7704) The database engine attached a database (1, C:\Windows\system32\LogFiles\Sum\SystemIdentity.mdb). (Time=0 seconds)
Log Name: Application
Source: ESENT
Event ID: 327
Level: Information
Description:
svchost (7704) The database engine detached a database (1, C:\Windows\system32\LogFiles\Sum\SystemIdentity.mdb). (Time=0 seconds)
Thanks that helped :) yes 9 years later :P