Operational Defect Database
BugZero found this defect 1721 days ago.
Data sources
All data on this page is proprietary to BugZero® or gathered from public sources
Veeam | kb2998
Microsoft SQL Server Transaction Log are not truncated due to an error code 0x80004005 [TLS 1.0]
Last update date:
2/24/2021
Affected products:
Veeam Backup & Replication
Veeam Agent for Microsoft Windows
Affected releases:
2.0
Fixed releases:
No fixed releases provided.
Description:
Challenge
When backing up a machine running a Microsoft SQL server where TLS 1.0 has been disabled, a job may fail with the error code 0x80004005 [TLS 1.0]. The following warning will be found on the server that is being protected by either Veeam Backup & Replication or Veeam Agent for Microsoft Windows, the path to the file containing this warning is listed below. For a VM being processed by Veeam Backup & Replication: %ProgramData%\Veeam\Backup\VeeamGuestHelper_<dd.mm.yyyy>.log For a server being backed up using Veeam Agent for Microsoft Windows: %ProgramData%\Veeam\Endpoint\<job_name>\Job.Backup.log INFO Connecting to mssql, connection string: Provider='sqloledb';Data Source='(local)\SQLINSTANCENAME';Integrated Security='SSPI';Persist Security Info=False, timeout: 15 WARN Code = 0x80004005 WARN Code meaning = Unspecified error WARN Source = Microsoft OLE DB Provider for SQL Server WARN Description = [DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error. WARN COM error: Code: 0x80004005
Cause
The SQL Server being protected by Veeam is using a SQL OLE DB provider which does not support TLS 1.2
Solution
Behavior Change Starting with Veeam Backup & Replication v11 Starting with Veeam Backup & Replication v11 the Microsoft OLE DB Provider (MSOLEDBSQL) will be used first to initiate communication. In all previous version only the SQLOLEDB provider was used. Also, starting with Veeam Backup & Replication v11 the software will first attempt to use MSOLEDBSQL first, then failover to Native SQL Client Provider, and then failover to using SQLOLEDB Provider. If Veeam Backup & Replication fails over to using SQLOLEDB provider the job will report "Using deprecated provider" warning. It is therefore advisable if you are facing this issue to upgrade to Veeam Backup & Replication v11.
More Information
Schannel implementation of TLS 1.0 in Windows security status update: November 24, 2015https://support.microsoft.com/en-us/help/3117336/schannel-implementation-of-tls-1-0-in-windows-security-status-update-nDriver history for Microsoft SQL Server https://docs.microsoft.com/en-us/sql/connect/connect-history?view=sql-server-ver15
