Avamar SQL Backup: Server principal "NT AUTHORITY\SYSTEM" is not able to access database
Summary: Avamar SQL backups fail with an error indicating that the server principal NT AUTHORITY\SYSTEM cannot access a SQL Server database under the current security context. This issue occurs when the Local System account's permissions, which are required for SQL Writer and VDI‑based backup operations, are removed from the SQL Server instance. ...
Symptoms
During an Avamar SQL backup, the operation fails at initialization with a SQL connection error. The error explicitly references the SYSTEM account.
The following error is logged when the backup starts:
avsql Error <40088>: sqlconnectimpl_smo::execute Microsoft.SqlServer.Management.Common.ExecutionFailureException:
An exception occurred while executing a Transact-SQL statement or batch. --->
System.Data.SqlClient.SqlException: The server principal "NT AUTHORITY\SYSTEM" is not able to access the database
"SQL_DBtest" under the current security context.
Cause
The NT AUTHORITY\SYSTEM account permissions were removed from the SQL Server environment.
Microsoft SQL Server uses the SQL Writer service, which runs under the Local System account, to perform VDI and VSS‑based operations. Avamar SQL backups rely on this mechanism. When the Local System account is removed from required SQL roles, the SQL Writer cannot access databases, and backup operations fail.
Resolution
Restore the required permissions for the NT AUTHORITY\SYSTEM account.
Required Actions
- Ensure that the SQL Server SQL Writer service is configured to run under the Local System account.
- Verify that the NT AUTHORITY\SYSTEM account is not removed from required SQL Server roles.
- Ensure that the Local System account retains appropriate access to SQL Server databases and VDI operations.
- Retry the Avamar SQL backup after permissions are restored.
If the Local System account cannot be used due to customer security policies, Microsoft must be engaged to address compatibility and support implications.
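As an added example (not taken from the Avamar or Microsoft documentation), the following read-only T-SQL audits the state of the NT AUTHORITY\SYSTEM login, so the check in the list above can be run before and after permissions are restored. It assumes a sysadmin session on the affected instance and uses the database name SQL_DBtest from the error shown under Symptoms.

```sql
-- Added example: read-only audit of the NT AUTHORITY\SYSTEM login.
-- Assumption: run by a member of sysadmin on the affected instance.

-- 1. Does the login still exist, and is it enabled?
--    No row returned means the login was dropped from the instance.
SELECT name, type_desc, is_disabled
FROM sys.server_principals
WHERE name = N'NT AUTHORITY\SYSTEM';

-- 2. Which server roles does it currently hold?
SELECT r.name AS server_role
FROM sys.server_role_members AS m
JOIN sys.server_principals AS r ON r.principal_id = m.role_principal_id
JOIN sys.server_principals AS l ON l.principal_id = m.member_principal_id
WHERE l.name = N'NT AUTHORITY\SYSTEM';

-- 1 = member, 0 = not a member, NULL = login or role not valid.
SELECT IS_SRVROLEMEMBER(N'sysadmin', N'NT AUTHORITY\SYSTEM') AS is_sysadmin;

-- 3. Can the login open the databases, evaluated in its own security context?
--    EXECUTE AS fails if the login is missing; that failure is itself a finding.
EXECUTE AS LOGIN = N'NT AUTHORITY\SYSTEM';

-- The database named in the backup error (1 = access, 0 = none, NULL = bad name).
SELECT HAS_DBACCESS(N'SQL_DBtest') AS can_access_failing_db;

-- All online databases visible to the login. Assumption: the login keeps the
-- default VIEW ANY DATABASE permission; databases hidden from it are absent
-- from this result rather than listed with 0.
SELECT name AS database_name, HAS_DBACCESS(name) AS has_access
FROM sys.databases
WHERE state_desc = N'ONLINE'
ORDER BY has_access, name;

REVERT;  -- return to the caller's own security context
```

A result of 0 for SQL_DBtest in step 3 corresponds to the "not able to access the database" error that Avamar logs at backup initialization.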
Additional Information
Microsoft documentation states the following regarding SQL Writer:
During installation, the SQL Writer account will be installed to use the Local System account. Since the SQL Writer needs to talk to SQL Server using exclusive VDI APIs, the SQL Writer account must have sufficient access rights for both SQL Server and VSS. Configuring the service as a Local System account provides sufficient rights for the service to run correctly.
To have the SQL Writer service work correctly, it is important to make sure that the Local System account is not removed from the SQL Server instance sa role.
Refer to the following Microsoft article for more details:
A Guide for SQL Server Backup (External Link)