As seen in my previous post Group Policy can have major effects on the functionality of SharePoint. A recent scenario was that I went on site and got a dev environment up and running with BLOB storage. Everything was thoroughly tested, but when it came time to do the production setup things didn’t go so smoothly. Even following the same exact setup procedure we were only able to upload files in a non-rbs’d database. Any time we would go to upload a file we would be presented with this error: “The URL ‘Documents/doc.docx’ is invalid. It may refer to a nonexistent file or folder that is nonexistent.” In looking at the correlation ID in the diagnostic logs we notice a more meaningful error:
“Cannot open log for source ‘RBS’. You may not have write access. —> System.ComponentModel.Win32Exception: Access is denied –
— End of inner exception stack trace —
at System.Diagnostics.EventLog.OpenForWrite(String currentMachineName)“
This indicates that there was a failure to write to the event log. After tracking down the ‘RBS’ log in the registry (The location is HKLM\System\CurrentControlSet\Services\EventLog\Application\RBS) we noticed that it was the Eventvwr Application log.
There are a few ways to adjust access to the eventvwr log, but we decided to use a command-line utility to explicitly grant the appropriate access to the Application log for RBS.
Here are the steps that were performed:
1) Open CMD as administrator
2) Wevtutil.exe gl application > C:\temp\out.txt
3) Add the value (A;;0x3;;;AU) to the end and run
4) Wevtutil.exe sl application /ca:0:BAG:XXXX (Where XXXX is the values from out.txt with the added entry)
5) Reboot the server
This value can also be controlled in Group Policy setting “Log Access” under:
Local Computer Policy > Computer Configuration > Administrative Templates > Windows Components > Event Log Service > Application
Moral of the story: ALWAYS CHECK GROUP POLICY!