Operational Defect Database

BugZero found this defect 397 days ago.

Veeam | kb4431

After Enabling MFA, Veeam Backup Server Is Listed as Inaccessible in Veeam Service Provider Console

Last update date:

10/20/2023

Affected products:

Veeam Backup & Replication

Veeam Service Provider Console

Veeam Cloud Connect

Affected releases:

12

Fixed releases:

No fixed releases provided.

Description:

Challenge

After enabling multi-factor authentication (MFA) in Veeam Backup & Replication or Veeam Cloud Connect, that server may become listed as "inaccessible" within Veeam Service Provider Console yet the Veeam Management Agent for VSPC continues to display a "healthy" status.

Cause

When MFA is enabled, the account used by the Veeam Management Agent service cannot access the Veeam Backup & Replication or Veeam Cloud Connect application.By default, the Veeam Managemetn Agent service deployed on the Veeam Backup & Replication and Veeam Cloud Connect server runs under the Local System account.

Solution

To resolve this issue, review the options below: Option 1: Have the Veeam Management Agent Use a Dedicated Service Account The recommended solution is to configure the Veeam Management Agent service to use a dedicated service account (either Domain or Windows local) for which MFA is explicitly disabled. For more information, see Disabling MFA for Service Accounts. In Windows Services ( services.msc ), check if Veeam Management Agent is still running under the Local System account. Edit the Veeam Management Agent service and change the "Log on as" account from Local System account to any user that is a member of the Local Administrators group or any Domain account with Local Administrators group permissions on that machine. Add the Service account to Veeam Backup & Replication/Veeam Cloud Connect: Add the service account specified for the service to the Users and Roles section. Assign the role: Veeam Backup Administrator. Select the "This a service account" checkbox to disable MFA.

More Information

If the presented options are unsuitable for your situation for any reason, it may be advisable to consider disabling MFA entirely.

Additional Resources / Links

Share:

BugZero® Risk Score

What's this?

Coming soon

Status

Solved

cost-cta-background

Do you know how much operational outages are costing you?

Understand the cost to your business and how BugZero can help you reduce those costs.

Have you ever...

had your data corrupted from a

VMware

bug?

Search:

...