Veeam the user has not been granted the requested logon type at this machine

Trying to install Veeam Backup and FastSCP on Windows 2008 Server and getting an error message while configuring the service account.

LogonUser: (0x569): Logon failure: the user has not been granted the requested logon type at this computer.

To solve this you will need to change the Local Security Policy of the server.

Open Local Security Policy or run secpol.msc. Navigate to Security Settings > Local Policies > User Rights Assignment and add the account to the 'Log on as a service' right.

License Auto Update fails after applying Update 4

April 15, 2019, 10:06 am

Challenge

License Auto Update fails

Cause

Any licenses obtained prior to U4 are now known as ‘Legacy Licenses’. Auto Update functionality cannot migrate a Legacy License to the new Veeam Instance License.

 The message most likely received is:
Error    Server message: License key type is not supported at the moment.

Solution

Obtain a new Veeam Instance License and Auto Update will function again.

More Information

//helpcenter.veeam.com/docs/backup/vsphere/license_autoupdate.html?ver=95u4

Veeam Backup & Replication support for VMware vSphere

April 16, 2019, 8:28 am

Challenge

This article describes Veeam Backup & Replication support for different VMware vSphere versions.

Cause

The earlier versions of Veeam Backup & Replication may not support the latest vSphere releases. It is recommended to always use the latest Veeam version to ensure modern platforms support and security compliance.

Solution

| vSphere version | Minimum Veeam Backup & Replication version | Veeam build number | Veeam GA date |
|---|---|---|---|
| 6.7 Update 2 | 9.5 Update 4a | 9.5.4.2753 | 2019-03-26 |
| 6.7 Update 1 | 9.5 Update 4 | 9.5.4.2615 | 2019-01-22 |
| 6.7 | 9.5 Update 3a | 9.5.0.1922 | 2018-07-02 |
| 6.5 Update 2 | 9.5 Update 4 (official support for 6.5u2 starting from ESXi patch level ESXi650-201811002); 9.5 Update 3a (see note below) | 9.5.4.2615 | 2019-01-22 |
| 6.5 Update 1 | 9.5 Update 2 (to support vSAN 6.6.1) | 9.5.0.1038 | 2017-05-12 |
| 6.5 | 9.5 Update 1 | 9.5.0.823 | 2017-01-20 |
| 6.0 | 8.0 Update 2 | 8.0.0.2030 | 2015-04-28 |
| 5.5 | 7.0 R2 | 7.0.0.771 | 2013-11-14 |
| 5.1 | 6.5 | 6.5.0.106 | 2012-10-9 |
| 5.0 | 5.0.2.230(*) | 5.0.2.230 | 2011-10-21 |

Note (vSphere 6.5 Update 2 with 9.5 Update 3a):
  • Supported for 9.5 U3a with the exception of issues caused by a regression introduced in ESXi 6.5 U2 that causes its API to fail randomly under heavy host load.
  • There is a known issue where a Veeam Proxy running on a VM may become listed as (invalid) in vSphere. More information here: //kb.vmware.com/s/article/56453

More Information

A list of Veeam Backup & Replication version and build numbers can be found on Veeam KB 2680
A list of VMware ESX(i) versions and their respective build numbers can be found on VMware KB 2143832.

Veeam Product Lifecycle: //www.veeam.com/kb1530 
VMware Lifecycle Product Matrix: //www.vmware.com/content/dam/digitalmarketing/vmware/en/pdf/support/product-lifecycle-matrix.pdf

The latest Veeam updates can be found at: //www.veeam.com/updates.html

Windows Storage Server support

April 16, 2019, 10:30 am

Challenge

The article describes which Veeam Backup & Replication components can be installed on Windows Storage Server OS platform.

Cause

Windows Storage Server and Windows Server are built on the same code base, therefore all Veeam Backup & Replication components can be installed on a machine running Storage Server OS, i.e.

  • Backup repository
  • Backup proxy
  • Tape server
  • Mount server
  • WAN accelerator

However, some vendor-based distributions may not have the .NET feature enabled and/or have issues with installing the required .NET Framework version. Hence the Veeam backup server itself cannot be installed on such a machine due to its dependency on .NET components.

Solution

Regarding missing .NET components, please review the End User License Agreement (EULA) for Windows Storage Server found in C:\windows\system32\license.rtf and contact your storage vendor for additional information.

HCL - SUSE Enterprise Storage v5.5 [HDD]

April 16, 2019, 12:05 pm

Challenge

Product Information:

Company name: SUSE
Product Family: Enterprise Storage
Status: Veeam Ready - Repository
Classification Description: Verified backup storage that supports all Veeam backup and restore features.

Solution

Product Details:

Model number: Enterprise Storage 5.5
Storage Category: Software Defined Storage
Drive quantity, size, type: 144 - 7.2k SATA HDD
Storage configuration: Erasure coded, 3+2
Firmware version: 5.5
Connection protocol and speed: RBD 40GbE
Additional support: RBD 40GbE

General product family overview:

SUSE Enterprise Storage is a software-defined storage solution powered by Ceph designed to help enterprises manage the ever-growing data sets.

 

Veeam testing configuration:

Note: The following settings were used by the vendor to meet Veeam Ready testing requirements and should not be considered best practices. Additional changes or settings may be needed to meet the storage efficiency or performance needs for each environment. For each setting, reference links are provided for further clarification.

 

Veeam Build Number: 9.5.0.1922

Job Settings:

 

Repository Settings:

 

Vendor recommended configuration:

Hardware Settings:

  • Hardware deduplication not used in testing
  • Hardware compression not used in testing
  • Multipathing used in testing (LACP for 2x links on storage nodes)

HCL - SUSE Enterprise Storage v5.5 [SSD]

April 16, 2019, 12:05 pm

Challenge

Product Information:

Company name: SUSE
Product Family: Enterprise Storage
Status: Veeam Ready - Repository*
Classification Description: Verified backup storage that supports all Veeam backup and restore features.

*This Veeam Ready test was performed with an SSD/Flash configuration. As such, this classification only applies to configurations in which all SSD drives are used. The use of non-SSD drives may negatively impact performance.

Solution

Product Details:

Model number: Enterprise Storage 5.5
Storage Category: Software Defined Storage
Drive quantity, size, type: 59 - SATA SSD across 6 storage nodes
Storage configuration: Erasure coded, k=4, m=2
Firmware version: 5.5
Connection protocol and speed: 100GbE
Additional support: All models and configurations of Enterprise Storage 5.5 with specifications equivalent or greater than the above

General product family overview:

SUSE Enterprise Storage is a software-defined storage solution powered by Ceph designed to help enterprises manage the ever-growing data sets.

 

Veeam testing configuration:

Note: The following settings were used by the vendor to meet Veeam Ready testing requirements and should not be considered best practices. Additional changes or settings may be needed to meet the storage efficiency or performance needs for each environment. For each setting, reference links are provided for further clarification.

 

Veeam Build Number: 9.5.0.1922

Job Settings:

 

Repository Settings:

 

Vendor recommended configuration:

Hardware Settings:

  • Hardware deduplication not used in testing
  • Hardware compression not used in testing

Veeam update fails with "This Veeam Backup & Replication / Veeam ONE installation cannot be updated automatically"

April 18, 2019, 12:23 am

Challenge

When attempting to update the Veeam Backup & Replication or Veeam ONE software, an error is encountered:
This Veeam Backup & Replication / Veeam ONE installation cannot be updated automatically. Please contact Veeam customer support for assistance with manual update.

Cause

The update setup program checks the digital signature of the existing files to ensure their integrity before updating them. All product files are signed using GlobalSign certificates. Some Windows installations do not have GlobalSign's root certification authority certificates among their trusted root certificates, or have non-current certificates. This issue is typically observed on servers with locked-down security settings, or on servers with no internet access or without the latest updates installed.

Solution

To resolve this issue, please install the below certificates manually on the system:
//www.digicert.com/CACerts/DigiCertAssuredIDRootCA.crt (DigiCert Assured ID Root CA)
//secure.globalsign.com/cacert/gscodesigng3ocsp.crt (GlobalSign CodeSigning CA - G3)
//www.digicert.com/CACerts/DigiCertHighAssuranceEVRootCA.crt (DigiCert High Assurance EV Root CA)
//www.digicert.com/CACerts/DigiCertEVCodeSigningCA-SHA2.crt (DigiCert EV Code Signing CA - SHA2)
//support.globalsign.com/customer/portal/articles/1426602-globalsign-root-certificates (install R1, R2, and R3 certificates)

Additional certificates are needed for Veeam ONE 9.5 Update 4:
For SHA1: //www.thawte.com/roots/Thawte_Timestamping_CA.pem (Thawte Timestamping CA)
For SHA2: //www.websecurity.symantec.com/content/dam/websitesecurity/digitalassets/desktop/pdfs/roots/VeriSign-Universal-Root-Certification-Authority.pem (VeriSign Universal Root Certification Authority)

If your backup server does not have internet access, please download certificate files from another computer.

More Information

To install a certificate:
Right-click on the certificate file in Windows, select "Install Certificate", install on "Local Machine", and select the store "Trusted Root Certification Authorities". When installed properly, "GlobalSign" and "GlobalSign Root CA" should show under Console root -> Certificates -> Trusted Root Certification Authorities -> Certificates.

SQL VSS Writer is missing: databases will be backed up in crash-consistent state and transaction log processing will be skipped

April 18, 2019, 6:58 am

Challenge

Job reports warning "SQL VSS Writer is missing: databases will be backed up in crash-consistent state and transaction log processing will be skipped"
Running vssadmin list writers shows that SqlServerWriter is not in the list.

Cause

There are different causes of the issue:

  • the SQL instance has databases with names ending in a space character
  • the account under which the SQL VSS Writer service is running doesn't have the sysadmin role on the SQL server
  • the SQL VSS Writer service is stuck in an invalid state

Solution

Depending on a particular cause:

  • Please rename the database to a new name (without a space in it)
  • Grant the SQL VSS Writer service user a sysadmin role (Instructions in KB here: //www.veeam.com/kb1978)
  • Restart SQL VSS Writer service (Instructions in KB here: //www.veeam.com/kb2041)
  • In the case of SBS machines that are also Domain Controllers, ensure that the SQL Writer is running as a domain administrator and not local system
  • Allow the SQL Writer service account access to the Volume Shadow Copy service via the registry:
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\VSS\VssAccessControl
    If the DWORD value “NT SERVICE\SQLWriter” is present in this key, it must be set to 1.
    If the Volume Shadow Copy service is running, stop it after changing this registry value. Do not disable it.
  • To check if your database has space in the name you can run the following query:
select name from sys.databases where name like '% '

If you notice any spaces in the database names, then you will need to remove the spaces from the database names.

More Information

Microsoft documentation states that the SQL Writer service must run as Local System.

  • In SQL Server 2008R2 and earlier, this means that the writer service account appears to SQL Server as “NT AUTHORITY\System”.
  • In SQL Server 2012 and later, the writer service account appears to SQL Server as “NT Service\SQLWriter”.

Veeam Agent for Microsoft Windows deployment fails with “Failed to call RPC function 'PckgCheckSignature'”

April 19, 2019, 4:04 am

Challenge

When a computer is being added to a protection group, Veeam Agent for Microsoft Windows deployment starts and fails with the following:

Info [UploadManager] Checking windows package 'C:\ProgramData\Veeam\Agents\VAW\Veeam_B&R_Endpoint_x64.msi' signature on host 'HOSTNAME'
Error Failed to call RPC function 'PckgCheckSignature': Signature of module 'C:\ProgramData\Veeam\Agents\VAW\Veeam_B&R_Endpoint_x64.msi' is invalid..
Error Signature of module 'C:\ProgramData\Veeam\Agents\VAW\Veeam_B&R_Endpoint_x64.msi' is invalid
Error --tr:Failed to call DoRpc. CmdName: [PckgCheckSignature].

Cause

The certificate which is used to sign the Veeam Agent installation package is not installed in the Trusted Root Certification Authority store on the client computer.

Solution

For SHA256

  1. Download DigiCert Assured ID Root CA here (right click on Download button - save as)
  2. Double click the downloaded .crt file
  3. Click Install Certificate
  4. Choose Local Machine and click on Next
  5. Place the certificate into Trusted Root Certification Authorities by clicking the Browse button.

For SHA1

  1. Download R1 GlobalSign Root Certificate (Thumbprint B1BC968BD4F49D622AA89A81F2150152A41D829C) from here
  2. Double click the downloaded .crt file
  3. Click Install Certificate
  4. Choose Local Machine and click on Next
  5. Place the certificate into Trusted Root Certification Authorities by clicking the Browse button.
  6. Download Code Signing SHA-1 G3 Intermediate Certificate (Thumbprint F1E7B6C0C10DA9436ECC04FF5FC3B6916B46CF4C) from here
  7. Double click the downloaded .crt file
  8. Click Install Certificate
  9. Choose Local Machine and click on Next
  10. Place the certificate into Intermediate Certification Authorities by clicking the Browse button.
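
The SHA1 steps above can be scripted so that a downloaded file is only trusted when its thumbprint matches the value quoted in the article. This is an added example, not Veeam's code; the file paths under C:\Temp are assumed download locations, and the thumbprints and the .msi path are the ones shown above.

```powershell
# Added example (not Veeam's code). Run in an elevated PowerShell session.
# Thumbprints are the two quoted in the SHA1 steps; file paths are assumptions.
$items = @(
    @{ Path       = 'C:\Temp\globalsign-root-r1.crt'
       Thumbprint = 'B1BC968BD4F49D622AA89A81F2150152A41D829C'
       Store      = 'Cert:\LocalMachine\Root' }   # Trusted Root Certification Authorities
    @{ Path       = 'C:\Temp\globalsign-codesigning-sha1-g3.crt'
       Thumbprint = 'F1E7B6C0C10DA9436ECC04FF5FC3B6916B46CF4C'
       Store      = 'Cert:\LocalMachine\CA' }     # Intermediate Certification Authorities
)

foreach ($item in $items) {
    # Load the file; .Thumbprint is the SHA-1 hash of the certificate.
    $cert = New-Object System.Security.Cryptography.X509Certificates.X509Certificate2 -ArgumentList $item.Path

    # Never add a certificate to a machine-wide trust store unless it is the expected one.
    if ($cert.Thumbprint -ne $item.Thumbprint) {
        throw "Thumbprint mismatch for $($item.Path): got $($cert.Thumbprint). Do not install this file."
    }

    if (Test-Path "$($item.Store)\$($cert.Thumbprint)") {
        Write-Output "Already present: $($cert.Subject) in $($item.Store)"
        continue
    }

    # Import-Certificate ships with the PKI module (Windows Server 2012 / Windows 8 and later).
    Import-Certificate -FilePath $item.Path -CertStoreLocation $item.Store | Out-Null
    Write-Output "Installed: $($cert.Subject) into $($item.Store)"
}

# Re-check the package named in the error message, if it is present on this computer.
$msi = 'C:\ProgramData\Veeam\Agents\VAW\Veeam_B&R_Endpoint_x64.msi'
if (Test-Path -LiteralPath $msi) {
    $sig = Get-AuthenticodeSignature -FilePath $msi
    '{0}: {1} (signer: {2})' -f $sig.Status, $sig.StatusMessage, $sig.SignerCertificate.Subject
    if ($sig.Status -ne 'Valid') {
        Write-Warning 'Signature is still not valid; compare the signer chain with the installed certificates.'
    }
}
```

The same thumbprint check applies to the DigiCert root in the SHA256 steps once its thumbprint has been obtained from a trusted source; the article does not list it.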

Job reports warning "Failed to truncate transaction logs for SQL instances: Possible reasons: lack of permissions, or transaction log corruption."

April 19, 2019, 5:54 am

Challenge

Job may report warning: "Failed to finalize guest processing. Details: Failed to process 'TruncateSQLLog' command. Failed to truncate transaction logs for SQL instances: <instance name>. Possible reasons: lack of permissions, or transaction log corruption."

Solution

SQL log truncation is performed under the user account specified for AAIP in the job settings. If that fails, GuestHelper tries to truncate the transaction logs under the LocalSystem account.

In order to understand why SQL logs truncation failed you will need to open the GuestHelper log on the Guest VM, and search for "Truncation Statistics".

  • Windows 2008 or higher
    \\GUESTVM\c$\ProgramData\Veeam\Backup\VeeamGuestHelper_%date%.log
  • Windows 2003
    \\GUESTVM\c$\Documents and Settings\All Users\Application Data\Veeam\Backup\VeeamGuestHelper_%date%.log

Known Errors and Solutions

  1. Error: OpenFromInitializationString failed. [Login failed for 'DOMAIN\user'.]
    Solution: give DOMAIN\user permissions on SQL instance and add db_backupoperator role for all FULL and BULK databases, or give it a sysadmin role.
     
  2. OLEDB Error: 'The server principal "DOMAIN\user" is not able to access the database "DATABASE" under the current security context.', HelpCtx: '0'
    Solution: give DOMAIN\user db_backupoperator role for all FULL and BULK databases, or give it a sysadmin role.
     
  3. OLEDB Error: 'BACKUP detected corruption in the database log. Check the error log for more information.', HelpCtx: '0'
    Solution: error points to possible corruption and issues with SQL server
     
  4. OLEDB Error: 'BACKUP LOG cannot be performed because there is no current database backup.'

    As a rule this is an issue with the secondary node of the SQL always on cluster. You can solve this by making a backup of the DB in question via SQL Management Studio. Otherwise, you can set the secondary node as primary for just one run of your backup job. As a result all its DBs will be backed up without "copy only" flag and the error will disappear.

    The issue occurs when the secondary node has always been backed up with "copy only" flag and its standalone DBs do not have any full backup. Thus during the truncation of the standalone DB logs we get the above-mentioned message.

    The same solution applies if you get this message with regard to the excluded vCenter database / Veeam database.

  5. "Query timeout expired". If you see this entry in the VeeamGuestHelper log, it usually means that the SQL logs could not be truncated in the allotted time (the default timeout is only 60 seconds). This usually happens with rather large databases and with a large amount of transaction logs.
    Solution: Implement the following registry value in affected VMs in [HKLM\SOFTWARE\Veeam\Veeam Backup and Replication\] and [HKLM\SOFTWARE\Wow6432Node\Veeam\Veeam Backup and Replication] (if either location does not exist, create it):
    • SqlExecTimeout
    • Type: REG_DWORD
    • Default value: 60 (in seconds, decimal)
    Increase that value and run a backup afterwards; a safe guess here is to set it to 600 seconds.

More Information

If you observe the following warning "Failed to truncate transaction logs for SQL instances: MICROSOFT WID" on Veeam B&R version 8.0.0.2084, please contact Veeam Support for the hot-fix.

vPower NFS Troubleshooting Mounting Issues

April 19, 2019, 6:53 am

Challenge

During SureBackup, Instant Recovery, or Other-OS FLR operation, you receive the error: 

"Error during the configuration of the host: NFS Error: Unable to Mount filesystem: Unable to connect to NFS server"

The NFS datastore cannot be mounted to the host, so vPower NFS based restores fail.

Cause

There are several possible causes for this:

  • The Veeam vPower NFS Service is not started. (//www.veeam.com/kb1094)
  • The Veeam server is on a subnet that does not have access to a VMkernel port on the ESXi host.
  • The Veeam server cannot reach the VMkernel port on the ESXi host due to a firewall configuration.
  • Datastores within the environment that appear as (Invalid).
  • An issue within the VMware environment is preventing the NFS datastore from being mounted.

Solution

In order to know which server to troubleshoot, one must know which server is acting as the vPower NFS server for the repository. To find this, edit the repository that holds the backup files to be used in the restore. On the ‘vPower NFS’ tab there is a dropdown box designating which server is being used. The server listed is where the troubleshooting must be performed from.

 *Note: An isolation step can be to try changing which server is chosen as the vPower NFS server in the Repository settings.

 If the vPower NFS service is not running on the server designated within the repository settings, please review: //www.veeam.com/kb1094

 ──────────────────────────────────────────────────────────
The following is a list of common troubleshooting steps
──────────────────────────────────────────────────────────

  • Testing for connectivity to and from VMkernel Port

Test from vPower NFS server to VMkernel port:
1.       Within a vSphere Client select the ESX(i) host that the NFS Datastore is being connected to.
2.       Go to the Configuration Tab
3.       Go to the Networking section
4.       Look for a VMkernel port, and note its IP
5.       Ping the VMkernel port from the vPower NFS server

 Test from VMkernel port to vPower NFS server
1.       Connect to the ESX(i) host that the NFS datastore is being connected to via SSH**
2.       Use the vmkping command to test connectivity to the vPower NFS server

  • Remove “(Invalid)” datastores:

Within a vSphere Client check the Configuration>Storage section of each host for datastores starting with “VeeamBackup_”, specifically ones that show up in italics with (Inactive). Unmount each of these and try the restore or mount procedure again. 

  • Test adding the NFS Datastore manually (//www.veeam.com/kb1284). For Veeam Backup & Replication 9.5 Update 4 and later please refer to the More Information section for additional settings required for testing.

1.       Within a vSphere Client select the ESX(i) host that the NFS Datastore is being connected to.
2.       Go to the Configuration Tab
3.       Go to the Storage section
4.       Click Add Storage…
5.       Select the radio option for ‘Network File System’
6.       For “Server”, enter either  the IP or Hostname of the vPower NFS Server
7.       For “Folder”, enter “/VeeamBackup_<servername>”, where servername is the NetBIOS name of the vPower NFS Server. If your vPower NFS server is added by IP, you need to specify VeeamBackup_XXX.XXX.XXX.XXX
8.       Do not check the box for Mount NFS read only
9.       For the Datastore name, enter the same value as the folder without the starting forward slash, i.e. “VeeamBackup_<servername>”
10.   Click next and complete the process.

  • Known Issue: “Unable to Mount VPower NFS Specified Key Name or Identifier Already Exists”

Please review: //www.veeam.com/kb1690

  • Known Issue: Another service is locking a port needed by vPower NFS:
    1. Open an Administrator Command Prompt
    2. Run the following commands
        netstat -bona > portlist.txt
        notepad portlist.txt
    3. Search the text file and confirm that the following ports are not locked by another process.

     111
     6161
 

More Information

With new security enhancements in Veeam B&R 9.5 Update 4 it is no longer possible to mount vPower NFS datastore manually to an arbitrary server. To be able to perform this test, add vPowerNFSDisableIPAuth (DWORD) = 1 registry value to the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Veeam\Veeam NFS\ and restart Veeam vPower NFS Service.
Please note that this value disables built-in IP authentication for vPower datastore and is only recommended for testing purposes.

**SSH may be disabled on your ESXi host. Below are directions to enable SSH on host so that you may connect and use the vmkping command as part of the troubleshooting steps above.
Note: Veeam's vPower NFS does not require SSH to be enabled on the host, please remember to disable SSH after testing with vmkping.

To enable SSH from the vSphere Client:
1.  Select the host and click the Configuration tab.
2.  Click Security Profile in the Software panel.
3.  In the Services section, click Properties.
4.  Select SSH and click Options.
5.  Change the SSH options.
     a.  To temporarily start or stop the service, click the Start or Stop button.
     b.  To enable SSH permanently, click Start and stop with host. The change takes effect the next time you reboot the host.
6.  Click OK.

 For issues related to the vPower NFS Service not starting please review: //www.veeam.com/kb1094

How to test manually mounting NFS folder

April 19, 2019, 6:55 am

Challenge

This KB documents how to manually mount the vPower NFS Datastore to an ESXi host, using the vSphere Client and vSphere Web Client. This action is performed as part of the troubleshooting steps to resolve an issue where vPower NFS backed restores are failing. For Veeam Backup & Replication 9.5 Update 4 and later please refer to the More Information section for additional settings required for testing.

 For information regarding troubleshooting vPower NFS: //www.veeam.com/kb1055

For information regarding issues where the vPower NFS Service will not start: //www.veeam.com/kb1094

Solution

Before beginning ensure that proper communication exists between the vPower NFS server and the ESXi server. Review //www.veeam.com/kb1055 for information regarding this.

 Starting with Veeam Backup & Replication 6.0 it is possible to have the vPower NFS Datastore mount to another server, please check the settings for this within the repository settings.
//helpcenter.veeam.com/backup/70/vsphere/repository_nfs.html

 ──────────────────────────────────────────────────────────
How to manually mount the vPower NFS Datastore – using vSphere Client
──────────────────────────────────────────────────────────
1.  Open the VMware vSphere Client
2.  Connect to the vCenter Server or the Standalone ESXi host (skip step 3 for standalone host).
3.  Locate and select the host that you are attempting to mount the vPower NFS datastore to.
4.  On the right select the [Configuration] tab.
5.  Within the Hardware section on the left, select [Storage]
6.  On the far right click [Add Storage…]
7.  In the Add Storage wizard that opens, select the radio option for “Network File System”, and click next.
8.  On the next tab fill in each of the fields as detailed below:

Server – This can be the IP Address, Hostname, or FQDN of the vPower NFS server. If the mount fails with the hostname it is possible your host is unable to resolve DNS, try using the IP Address.
Folder – This must be /VeeamBackup_<netbios name of vPower NFS Server>
Datastore Name – This must be identical to the folder minus the leading forward slash.

9.  After filling this out click Next, then click Finish. Observe whether the task completes. If it does not complete review the error by clicking [View] and review the issue that VMware had when attempting to add the NFS datastore.

──────────────────────────────────────────────────────────
How to manually mount the vPower NFS Datastore – using vSphere Web-Client
──────────────────────────────────────────────────────────
1.  Open and connect to your vCenter Server using the vSphere Web-Client
2.  From the home screen on the left select vCenter

3.  Select Datastores

4.  Click the Add Datastore button

5.  In the new datastore wizard select the host that you are attempting to connect the NFS datastore to.
6.  Under Type, select “NFS”
7.  Fill in each of the fields as detailed below:

Datastore Name – This must be VeeamBackup_<netbios name of vPower NFS Server>
Server – This can be the IP Address, Hostname, or FQDN of the vPower NFS server. If the mount fails with the hostname it is possible your host is unable to resolve DNS, try using the IP Address.
Folder – This must be /VeeamBackup_<netbios name of vPower NFS Server>


8.  Click Next, and then Finish
9.  Under recent tasks watch to see if the task completes. Mouse over the task to see additional details.

More Information

With new security enhancements in Veeam B&R 9.5 Update 4 it is no longer possible to mount vPower NFS datastore manually to an arbitrary server. To be able to perform this test, add vPowerNFSDisableIPAuth (DWORD) = 1 registry value to the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Veeam\Veeam NFS\ and restart Veeam vPower NFS Service.
Please note that this value disables built-in IP authentication for vPower datastore and is only recommended for testing purposes.
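
Because vPowerNFSDisableIPAuth is meant for testing only (it is described both here and in the vPower NFS troubleshooting article above), it is worth checking afterwards that it has not been left in place. The following is an added example, not Veeam's code; the -Remediate switch is a hypothetical name introduced for this script, while the registry key, value name and service display name are the ones given in the text.

```powershell
# Added example (not Veeam's code). Save as a .ps1 file and run elevated on the vPower NFS server.
param(
    [switch]$Remediate   # hypothetical switch: remove the override and restart the service
)

$key  = 'HKLM:\SOFTWARE\WOW6432Node\Veeam\Veeam NFS'
$name = 'vPowerNFSDisableIPAuth'

# Returns nothing if the key or the value does not exist.
$prop = Get-ItemProperty -Path $key -Name $name -ErrorAction SilentlyContinue
if ($null -eq $prop) {
    Write-Output "OK: $name is not present under $key."
    return
}

$value = $prop.$name
if ($value -ne 1) {
    Write-Output "OK: $name = $value (the test override is not set to 1)."
    return
}

Write-Warning "$name = 1: built-in IP authentication for the vPower NFS datastore is disabled."

if ($Remediate) {
    # Undo the test setting; the article requires a service restart for a change to apply.
    Remove-ItemProperty -Path $key -Name $name
    Restart-Service -DisplayName 'Veeam vPower NFS Service'
    Write-Output "Removed $name and restarted the Veeam vPower NFS Service."
} else {
    Write-Output 'Re-run with -Remediate once manual mount testing is finished.'
}
```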

If you receive an error when attempting to add the vPower NFS Datastore that contains “Specified Key Name or Identifier Already Exists”, please review: //www.veeam.com/kb1690
 

The user has not been granted the requested logon type on this computer

April 22, 2019, 8:30 am

Challenge

Although the nWorks service account has local administrator rights and is a member of the nWorks Enterprise Manager Accounts local group, nWorks Collector and Enterprise Manager cannot be installed, because the installer does not accept the specified service account. The following error occurs:

The user has not been granted the requested logon type on this computer.

Cause

To install nWorks 5.7 Collector and Enterprise Manager, it is necessary to grant the Log on locally rights to the service account that you specify during installation.

Solution

When the installation completes, you can deny this right or change the service account in Log On section of the service properties.

More Information

The behavior is only present in nWorks 5.7 and will be eliminated in the next release.

Veeam Explorer for Microsoft Exchange Javascript Execution Vulnerability

April 23, 2019, 5:44 am

Challenge

The vulnerability allows execution of arbitrary code in emails containing inline Javascript.

NOTE: This has been corrected in Veeam Backup for Microsoft Office 365 version 3 and Veeam Backup & Replication version U4a.

Cause

The affected component is the Veeam Explorer for Microsoft Exchange message preview browser. Email content is rendered using an HTML browser, and if an email contains inline Javascript, the embedded script may be executed.

Solution

1)    Download the hotfix ZIP package;
2)    Navigate to the corresponding folder according to the product you want to apply the hotfix to;
3)    On each machine where Veeam Explorer for Exchange is installed, navigate to C:\Program Files\Veeam\Backup and Replication\ExchangeExplorer and make a backup of the following files by copying them to another folder:

  • BlockedFileTypes.xml
  • Veeam.Exchange.Explorer.exe

4)    Copy the following files from the hotfix package to C:\Program Files\Veeam\Backup and Replication\ExchangeExplorer:

  • BlockedFileTypes.xml
  • Veeam.Exchange.Explorer.exe
  • HtmlAgilityPack.dll

More Information

Download hotfix: //www.veeam.com/download_add_packs/backup-microsoft-office-365/kb2847/

MD5 checksum for kb2847.zip is 3e8db48b1c9dbc1034f0dbd75c3aadfd
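
The hotfix steps above, combined with the published checksum, can be applied as one script that stops before touching the installation if the download does not match. This is an added example, not Veeam's code; the download and backup locations under C:\Temp are assumptions, and -ProductFolder must be set to the folder inside the ZIP for your product, whose name the article does not give.

```powershell
# Added example (not Veeam's code). Save as a .ps1 file and run elevated.
# Requires PowerShell 5 or later (Get-FileHash, Expand-Archive).
param(
    [string]$ZipPath = 'C:\Temp\kb2847.zip',   # assumed download location
    [Parameter(Mandatory = $true)]
    [string]$ProductFolder,                    # folder inside the ZIP for your product
    [string]$TargetDir = 'C:\Program Files\Veeam\Backup and Replication\ExchangeExplorer',
    [string]$BackupRoot = 'C:\Temp'            # assumed location for the pre-hotfix copies
)

$ErrorActionPreference = 'Stop'
$expectedMd5 = '3e8db48b1c9dbc1034f0dbd75c3aadfd'   # value published in the article
$toBackup    = 'BlockedFileTypes.xml', 'Veeam.Exchange.Explorer.exe'
$toCopy      = $toBackup + 'HtmlAgilityPack.dll'

# 1. Refuse to continue if the download does not match the published checksum.
#    MD5 catches a corrupted or truncated download; the article publishes no stronger digest.
$actualMd5 = (Get-FileHash -Path $ZipPath -Algorithm MD5).Hash
if ($actualMd5 -ne $expectedMd5) {
    throw "Checksum mismatch for ${ZipPath}: expected $expectedMd5, got $actualMd5"
}

# 2. The explorer must be closed, otherwise its executable is locked.
if (Get-Process -Name 'Veeam.Exchange.Explorer' -ErrorAction SilentlyContinue) {
    throw 'Close Veeam Explorer for Microsoft Exchange before applying the hotfix.'
}

# 3. Unpack and make sure all three hotfix files exist for the chosen product.
$work = Join-Path $env:TEMP 'kb2847'
Expand-Archive -Path $ZipPath -DestinationPath $work -Force
$source = Join-Path $work $ProductFolder
foreach ($f in $toCopy) {
    if (-not (Test-Path (Join-Path $source $f))) { throw "Missing $f in $source" }
}

# 4. Back up the two existing files (step 3 of the article).
$backup = Join-Path $BackupRoot ('ExchangeExplorer-backup-{0:yyyyMMdd-HHmmss}' -f (Get-Date))
New-Item -ItemType Directory -Path $backup | Out-Null
foreach ($f in $toBackup) { Copy-Item (Join-Path $TargetDir $f) $backup }

# 5. Copy the three hotfix files into place (step 4 of the article).
foreach ($f in $toCopy) { Copy-Item (Join-Path $source $f) $TargetDir -Force }

# 6. Report what is now installed and whether the new executable's signature verifies.
$toCopy | ForEach-Object { Get-Item (Join-Path $TargetDir $_) } |
    Select-Object Name, Length, LastWriteTime
$sig = Get-AuthenticodeSignature -FilePath (Join-Path $TargetDir 'Veeam.Exchange.Explorer.exe')
if ($sig.Status -ne 'Valid') {
    Write-Warning "Signature status of the new executable: $($sig.Status). Originals are in $backup."
}
```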

Should you have any questions, contact Veeam Support.

Enterprise Manager works with http, but not with https

April 23, 2019, 6:18 am

Challenge

Failure when trying to access Enterprise Manager through the web via https. The web interface of Enterprise Manager works with http, but not with https.

Solution

To resolve:

  1. Clear browser's cache, cookies, history files, SSL state. Make sure that static content is enabled in browser's settings.
  2. Make sure ports 9392 and 9394 are open.
  3. Go to the Internet Information Services (IIS) Manager console -> Sites and check whether the "VeeamBackup" site is started or not (%windir%\system32\inetsrv\AppCmd.exe also works).
  4. Then go to the Internet Information Services (IIS) Manager console -> Application Pools and check that VeeamBackup application pool exists and has at least one linked application.
  5. Go to Services under the Computer Management console and ensure that Veeam Backup Enterprise Manager service is started.

In case of using IIS6:

  • Make sure anonymous access is enabled in IIS

  • Then recreate a self-signed certificate for https connection:

    • Use the SSLDiag.exe tool, which is included in the IIS Diagnostics Toolkit and is the recommended replacement for SelfSSL for creating self-signed certificates:

//www.microsoft.com/downloads/details.aspx?familyid=9bfa49bc-376b-4a54-95aa-73c9156706e7&displaylang=en

  • Go to C:\Program Files\IIS Resources\SSLDiag and run the SSLDiag.exe tool with the following parameters: SSLDiag.exe /s:2 /selfssl /n:CN=Veeam Backup Enterprise Manager_server_hostname /v:36

(Download the tool from Microsoft at the link below if you need it: //www.microsoft.com/downloads/details.aspx?familyid=7E42B310-B2D1-496B-8005-9D91782B9995&displaylang=en)

 If using IIS7:

  • Make sure anonymous access is enabled in IIS

    • Then recreate a self-signed certificate for https connection:

  1. Go to IIS7 Manager console

  2. Check the root of the tree

  3. In the middle of the screen double-click "Server Certificates" feature

  4. Check "Create Self-Signed Certificate" at the Actions panel

  5. Specify a name for the new certificate. Click OK

  6. Go to "Sites" -> "VeeamBackup" and "click Bindings..." at the Actions panel

  7. Highlight the "https" string and click "Edit...", then check a previously created certificate in the "SSL certificate" drop-down menu. Click OK

  8. Restart "VeeamBackup" web site using IIS7 Manager console

  • Go to IIS6 Manager console

  • Check the "VeeamBackup" under "Web Sites"

  • Right-click and select "Properties"

  • Go to "Directory Security" tab and click "Server Certificate..." at the Server communications section

  • At the "Welcome to the Web Server Certificate Wizard" click Next, then select "Replace the current certificate", then select correct certificate, and click Next

  • Check the root of the tree

  • Restart "VeeamBackup" web site or entire IIS using IIS6 Manager console, or restart IIS Admin service

Job Planning

April 23, 2019, 6:38 am

Challenge

To ensure efficient use of resources and faster job performance, it is important to plan your backup, replication and copy jobs properly.

Solution

For information regarding Job Layout, Object Selection, Job Scheduling,  and Best Practices for any Backup Job Settings, please refer to this page:
 //bp.veeam.expert/job_configuration/backup_job.html

 For information regarding the Backup Methods, the differences between them, and the Pros and Cons of each, please refer to this page:
 //bp.veeam.expert/job_configuration/backup_methods.html

 For information regarding Encryption and Recommendations on When to Utilize it, please refer to this page:
 //bp.veeam.expert/job_configuration/encryption.html

 For information regarding Deduplication and Compression settings for any backup jobs, please refer to this page:
 //bp.veeam.expert/job_configuration/deduplication_and_compression.html

 For information regarding Backup Copy Jobs and Suggestions for Scheduling, Job Layout, and Object Selection, please refer to this page:
 //bp.veeam.expert/job_configuration/backup_copy_job.html

 For information regarding Replication Jobs and Proper Setup and Configuration, please refer to this page:
 //bp.veeam.expert/job_configuration/replication_job.html

 For information regarding Application-Aware Image Processing and When to Use and How it Works, please refer to this page:
 //bp.veeam.expert/job_configuration/application_aware_image_processing.html

More Information

For more information on other Veeam Best Practices, please refer to our current Best Practices Guide found here:
//bp.veeam.expert

How To Refine nWorks Data Collection in SCOM

April 23, 2019, 6:49 am

Challenge

NWorks offers "Collection Interval" and "Interval Multipliers" to control what the nWorks collectors send to SCOM.

Sometimes this isn't granular enough, and customers want finer control over what information is collected and reported on.

Solution

To change the metrics being collected, you have to use the "Collection Settings" (listed above) to enable or disable the VMware object being collected (Cluster, VM and Core Metrics, etc.). To figure out what you need enabled, use the following chart to view the Metric Class:

Then, use the link //helpcenter.veeam.com/docs/mp/vmware_reference/metric_definitions.html?ver=80U6 to find the remaining entities you want to collect on; in my example I will use snapshot age. According to that link, snapshot age is listed under VMStats. In the Metric Class Chart, VMStats is listed under "Virtual Machine Core Metrics", which must be checked in order to collect on it. The issue is that VMStats alone has 59 other objects that are going to be collected on, which may or may not be desirable.

Once you have the metric you want to collect on (snapshot age), you can change what is collected based on the Rules in SCOM.  If you go to Ops Manager --> Authoring tab --> Management Pack Objects --> Rules --> VMGUEST.Collect.snapshotAge (for my example) --> Enable through Overrides to verify it is being collected on the group you want.  If you do not see VMGUEST.Collect or any other nWorks rule listed, you may need to change the Scope to "Look for" nwork "View all targets" to see the full list.

Then once you have the snapshot rule set to how you want it, you can then disable other rules being used by VMStats through Overrides within the same collection group; listed as "vmguest.collect." for this case.  Once done in this way, you can control what you collect on a more granular level to see only the information you want to see. 

More Information

Veeam Support recommends keeping the "Collection Interval" at 5 minutes and changing the "Interval Multipliers" to match collection needs. 

NWorks Metric Definitions and VC Events

April 23, 2019, 7:07 am

Challenge

Some customers want to create custom alerts, change settings within their VC, or verify what type of data is being collected. Veeam supplies a list of the Metrics and Events that we use for nWorks.

Solution

More Information

If you need assistance with this or have any questions, feel free to contact support. 

Virtual Appliance or SAN mode fails on a localized proxy server

April 23, 2019, 7:08 am

Challenge

Hot-add or SAN mode fails on a localized proxy.

In the job log, you can see the following error:

Info           [AP] (2a1a) output: 2012-01-26T12:07:14.429+01:00 [02252 error 'Default'] Cannot use advanced transport modes for xxx.xxx.xxx.xxx/moref=vm-xxx/snapshot-xxx: Cannot lock directory C:\Windows\TEMP\VeeamBackup\VeeamAgent-xxx\vmware-Syst??me\4236b6e2-7cc1-1eb0-71dc-7469acd8abaf-vm-xxx.\n
Info           [AP] (d8e4) output: --wn:Hot add is not supported for this disk, failing over to network mode...\n
Info           [AP] (d8e4) warning: Hot add is not supported for this disk, failing over to network mode...
Warning  Hot add is not supported for this disk, failing over to network mode...

Cause

The issue is connected to the limitations of the VMware VDDK 5.0 disk library (//www.vmware.com/support/developer/vddk/VDDK-500-ReleaseNotes.html):

Problem using UTF-16 characters in pathnames.

When VixDiskLib_Open() is given a pathname containing UTF-16 characters, the virtual disk library fails to find the file. On Windows 2008 for example, the pathname Temp\vmware-système\*vm* contains è as a UTF-16 character, whereas VixDiskLib expects UTF-8. One workaround is to override the Temp pathname in the configuration file by setting the tmpDirectory key, using a non-UTF-16 pathname. For details, see documentation for VixDiskLib_InitEx(). KB 1037379 discusses a similar issue.

Solution

The current workaround is to restart all six Veeam services under a user other than a local administrator. In this case, the path to the temporary directory causing the issue will look like C:\Windows\TEMP\VeeamBackup\VeeamAgent-xxx\vmware-NameOfTheUser\.

Do the following:

- Close the Veeam console.
- Create a new user (domain administrator) on Veeam server using only non-accented letters and numbers (and no special symbols) for the username as well as for the password.
- Add this user to the group of local administrators.
- Log in to Veeam server using the credentials of the new user.
- Modify all six Veeam services so they use the credentials of the new user.
- Restart all Veeam services.
- Restart the jobs.

More Information

After restarting all Veeam services under the new user, you should see the following in the log:

Info           [AP] (6378) output: 2011-12-13T17:35:09.288+01:00 [01688 info 'transport'] Successfully mounted snapshot ssid:snapshot-67 on mount point C:\Users\veeam\AppData\Local\Temp\VeeamBackup\VeeamAgent-xxx\vmware-veeam\

(The user name in this case is "Veeam")
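The log signature and the naming rule from this article, as an added example that is not Veeam's or VMware's code: a Python triage that pulls the temp path out of "Cannot lock directory" lines, flags path components that are non-ASCII or contain "?" (not a legal Windows filename character, so it marks a lossy re-encoding), and checks a candidate service account name against the letters-and-digits rule in the steps above. The sample log is constructed from the lines quoted in this article with placeholder IDs, and all function names are hypothetical.

```python
import re

# Constructed sample modelled on the job-log lines quoted in this article
# (addresses and IDs are placeholders).
SAMPLE_LOG = """\
Info [AP] (2a1a) output: 2012-01-26T12:07:14.429+01:00 [02252 error 'Default'] Cannot use advanced transport modes for 10.0.0.5/moref=vm-101/snapshot-202: Cannot lock directory C:\\Windows\\TEMP\\VeeamBackup\\VeeamAgent-1\\vmware-Syst??me\\4236b6e2-vm-101.
Info [AP] (d8e4) warning: Hot add is not supported for this disk, failing over to network mode...
Info [AP] (6378) output: 2011-12-13T17:35:09.288+01:00 [01688 info 'transport'] Successfully mounted snapshot ssid:snapshot-67 on mount point C:\\Users\\veeam\\AppData\\Local\\Temp\\VeeamBackup\\VeeamAgent-2\\vmware-veeam\\
"""

LOCK_RE = re.compile(r"Cannot lock directory (?P<path>[A-Za-z]:\\.+?)\.?$")
MOUNT_RE = re.compile(r"on mount point (?P<path>[A-Za-z]:\\.+)$")
FAILOVER = "failing over to network mode"

def unsafe_components(path):
    """Path components that are non-ASCII or carry '?' from a lossy re-encoding."""
    return [c for c in path.split("\\") if c and (not c.isascii() or "?" in c)]

def triage(log_text):
    """Classify job-log lines into lock failures, failovers and clean mounts."""
    findings = {"lock_failures": [], "failovers": 0, "clean_mounts": []}
    for line in log_text.splitlines():
        line = line.strip()
        lock = LOCK_RE.search(line)
        mount = MOUNT_RE.search(line)
        if lock:
            path = lock.group("path")
            findings["lock_failures"].append((path, unsafe_components(path)))
        elif FAILOVER in line:
            findings["failovers"] += 1
        elif mount and not unsafe_components(mount.group("path")):
            findings["clean_mounts"].append(mount.group("path"))
    return findings

def account_name_ok(name):
    """Rule from the steps above: non-accented letters and digits only."""
    return name.isascii() and name.isalnum()

if __name__ == "__main__":
    for path, bad in triage(SAMPLE_LOG)["lock_failures"]:
        print("lock failure:", path, "-> suspect components:", bad)
```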

Installing Reporter Without a Connection to the Internet

April 23, 2019, 7:14 am

Installing Veeam Reporter on a machine without internet connection

April 23, 2019, 7:16 am


How do I resolve "Logon failure: the user has not been granted the requested logon type at this computer"?

To resolve this issue, edit the Access this computer from the network local policy on the desktop to restore the "Users" access group or add one or more user and group values to provide the required access. Alternatively this can be configured using Group Policy.

What has not been granted the requested logon type?

To solve “The user has not been granted the requested logon type at this computer” error, you should make sure that the login user and all groups it belongs to are allowed to log on locally to this computer.

What permissions does Veeam service account need?

The account used to run the Veeam Backup Service must be a LocalSystem account or must have the local Administrator permissions on the backup server.

What is logon failure?

A user sees the error “Logon failure: the user has not been granted the requested logon type at this computer” when attempting to log in through Duo Authentication for Windows Logon (RDP). Alternatively, a user may see the error "To sign in remotely, you need the right to sign in through Remote Desktop Services."
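A way to check which user right is missing, as an added example that is not from the original page: the Python below parses the [Privilege Rights] section that `secedit /export /cfg rights.inf /areas USER_RIGHTS` writes and reports whether an account, together with its groups, holds the right matching the requested logon type. The sample export is constructed (account names are invented, the SIDs are well-known built-in ones) and the function names are hypothetical.

```python
# Constructed sample of a USER_RIGHTS export; the real file is usually UTF-16,
# so decode it before passing the text in.
SAMPLE_INF = """\
[Unicode]
Unicode=yes
[Privilege Rights]
SeNetworkLogonRight = *S-1-5-32-544,*S-1-5-32-545
SeInteractiveLogonRight = *S-1-5-32-544
SeServiceLogonRight = *S-1-5-80-0
SeDenyServiceLogonRight = svc_old
"""

# Requested logon type -> (allow right, deny right).
RIGHTS = {
    "interactive": ("SeInteractiveLogonRight", "SeDenyInteractiveLogonRight"),
    "network": ("SeNetworkLogonRight", "SeDenyNetworkLogonRight"),
    "batch": ("SeBatchLogonRight", "SeDenyBatchLogonRight"),
    "service": ("SeServiceLogonRight", "SeDenyServiceLogonRight"),
    "remote": ("SeRemoteInteractiveLogonRight", "SeDenyRemoteInteractiveLogonRight"),
}

def parse_rights(inf_text):
    """Map each right in [Privilege Rights] to a set of lower-cased principals."""
    rights, in_section = {}, False
    for line in inf_text.splitlines():
        line = line.strip()
        if line.startswith("["):
            in_section = line.lower() == "[privilege rights]"
        elif in_section and "=" in line:
            name, _, value = line.partition("=")
            rights[name.strip()] = {p.strip().lstrip("*").lower()
                                    for p in value.split(",") if p.strip()}
    return rights

def logon_allowed(rights, logon_type, principals):
    """principals: the account name plus the SID or name of every group it is in.
    A deny entry takes precedence over an allow entry."""
    allow, deny = RIGHTS[logon_type]
    who = {p.lower() for p in principals}
    if who & rights.get(deny, set()):
        return False, f"{deny} matches"
    if who & rights.get(allow, set()):
        return True, f"{allow} matches"
    return False, f"not listed in {allow} (LogonUser fails with 0x569)"

if __name__ == "__main__":
    # A local administrator that was never given 'Log on as a service'.
    print(logon_allowed(parse_rights(SAMPLE_INF), "service", ["svc_veeam", "S-1-5-32-544"]))
```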
