Vssadmin doesn't verify that a drive volume is supported for DiffArea

Symptoms
On a computer that's running Windows Server 2012 R2, Windows Server 2012, or Windows Server 2008 R2, assume that you run the following command to add shadow copy storage association for a specified encrypted volume to another volume:

vssadmin add shadowstorage /for=<source drive> /on=<destination drive> /maxsize=unbounded

Note The <source drive> placeholder represents a data drive that has BitLocker protection enabled. And the <destination drive> placeholder represents a data drive that has BitLocker protection disabled.

This command runs successfully without errors or warnings.

Important This configuration is not-supported.
Cause
This is a known issue in vssadmin command syntax. Vssadmin does not call the required function to check whether the volume is supported for shadow copy storage association.
Resolution
To avoid this unsupported scenario, use the GUI to configure the version of Shadow Copy that appears when you right-click the disk volume icon.

The Volume Shadow Copy Service (VSS) UI calls CVssDiffMgmt::QueryVolumesSupportedForDiffAreas() and checks whether a volume is supported for DiffArea. If a volume for DiffArea is encrypted and it's not the same volume, the volume is not listed in the UI.
More information
Other unsupported configurations of VSS storage include the following:
  • A nested volume (such as when the physical volume is the previously mounted volume).
  • If the BitLocker-encrypted volume is another volume that's specified as a shadow copy storage area in the source volume.
  • If the sector size of the volume of the VSS storage area is larger than the source volume.
Properties

Article ID: 3171733 - Last Review: 06/23/2016 16:28:00 - Revision: 1.0

Windows Server 2012 R2 Datacenter, Windows Server 2012 R2 Standard, Windows Server 2012 R2 Foundation, Windows Server 2012 Datacenter, Windows Server 2012 Standard, Windows Server 2012 Foundation, Windows Server 2008 R2 Service Pack 1

  • KB3171733
Feedback