This article discusses information about the pop-up: "You need to format this disk" when using encrypted agents
When using agent-level encryption, some versions of Windows contain a bug that causes a popup to show when backups are started. The popup asks you to format the C: drive. If you click OK or Format Disk, an error message is shown and formatting is not allowed to proceed. If you click Cancel, the pop-up goes away.
This pop-up is caused by a bug in the Windows Shell Hardware Detection Service. When a disk containing an unknown filesystem is mounted to a directory, Windows will prompt the user to format the parent filesystem containing the directory under which the new filesystem was mounted.
We have confirmed that this issue affects the following OS versions:
- Windows Vista: all versions
- Windows Server 2008: all versions
- Windows Server 2008 R2: SP0 (original release)
Under Windows Vista and Windows Server 2008 without R2, there is no possible mitigation.
Under Windows Server 2008 R2, installing Service Pack 1 is known to fix this issue.
An ordinary agent writes backup data to a temporary Windows File share created on the Siris device. Since this data goes straight to the disk, it is not suitable for encrypted agents. The data needs to be transformed before it is written to the disk.
By exposing the images as block devices, we can add an encryption layer controlled by the device's software. This ensures that as soon as data enters the appliance, it is encrypted.
Windows file sharing works only with regular files and not with block devices. A network-based block I/O standard is thus necessary. On Windows, iSCSI is the best supported open standard for network based block I/O.
To perform the backup, your device creates several iSCSI targets and exposes them to the Windows system. Windows attaches them, writes data, and disconnects them. However, Windows prevents writes to block devices that have no drive letter or mount point assigned. Working around it requires mounting the disk somewhere.
If the volume is mounted in its fully formatted state, Windows will write to it and corrupt the state of the volume. ShadowSnap will enter a "confused" state and force a differential merge or full backup. Instead, zeroes are written to the first seven bytes of the volume to keep Windows from mounting it. The header is written at the end of the backup process. This means the volume is presented to Windows as an unformatted volume.
Every version of Windows, not just the affected versions listed above, will ask you to format the volume if you attach it to an unused drive letter. The last option is mounting it to a directory.
If you mount a raw volume to a directory, Windows will ask you to format the disk containing the mountpoint directory - not the newly mounted raw disk. Microsoft has acknowledged the bug and provided a workaround. When the disk is attached, the ShellHWDetection service will immediately restart.
There are potentially greater technical issues that may arise from restarting services on systems. Microsoft should backport the bugfix to older versions of Windows instead of using the workaround.