I have a 2019 server standard that was giving me this error from an elevated CMD
C:Windowssystem32>vssadmin
This program is blocked by group policy. For more information, contact your system administrator.
This kept me from viewing the state of the writers and troubleshooting a Datto backup issue.
This is the specific error seen in the application log:
Access to C:WindowsSystem32vssadmin.exe has been restricted by your Administrator by location with policy rule {e9e0e074-bb50-497a-8b0e-f357a16a3e4d} placed on path vssadmin.exe.
This led me to this article: https://www.sevenforums.com/tutorials/7844-applocker-create-new-rules.html
I went to the Local Security Policy and exanded to the path below
I created a PATH rule that allowed the specific exe to run. THEN, the magic happened. The server informed me that the default rules for the server had not been created. Would I like to create them now? I said yes, and the three default rules appeared with my new one! Now it works!!!
C:Windowssystem32>vssadmin
vssadmin 1.1 – Volume Shadow Copy Service administrative command-line tool
(C) Copyright 2001-2013 Microsoft Corp.
Error: Invalid command.
—- Commands Supported —-
Add ShadowStorage – Add a new volume shadow copy storage association
Create Shadow – Create a new volume shadow copy
Delete Shadows – Delete volume shadow copies
Delete ShadowStorage – Delete volume shadow copy storage associations
List Providers – List registered volume shadow copy providers
List Shadows – List existing volume shadow copies
List ShadowStorage – List volume shadow copy storage associations
List Volumes – List volumes eligible for shadow copies
List Writers – List subscribed volume shadow copy writers
Resize ShadowStorage – Resize a volume shadow copy storage association
Revert Shadow – Revert a volume to a shadow copy
Query Reverts – Query the progress of in-progress revert operations.
landie.tech 