#1 Global Leader in Data Resilience

Upgrade to version 6.5 fails with the "Unable to connect to SQL Server" error

KB ID: 1685
Product: Veeam Backup & Replication
Version: 6.5.0.109
Published: 2012-11-06
Last Modified: 2020-08-13
mailbox
Get weekly article updates
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.

Cheers for trusting us with the spot in your mailbox!

Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest

error icon

Oops! Something went wrong.

Please, try again later.

Challenge

When upgrading to Veeam Backup & Replication version 6.5 you receive the error: "Unable to connect to SQL Server (servername=):Login failed for user\", even though the db_owner account is used. You also experience one of the following symptoms:
  • You receive repeated logon windows
  • You receive an "Access denied" error
  • You receive an "No network provider accepted the given network path" error
  • Event ID 537 is logged in the Security event log

Cause

The issue is described in the following Microsoft KB article:

http://support.microsoft.com/kb/926642

This problem occurs because Windows Server 2003 SP1 includes a new security feature named loopback check functionality. By default, loopback check functionality is turned on in Windows Server 2003 SP1, and the value of the DisableLoopbackCheck registry entry is set to 0 (zero).

Solution

The KB solution suggests the following steps.

To resolve this problem, set the DisableStrictNameChecking registry entry to 1. This procedure is described in the Knowledge Base article 281308. Then use either of the following methods, as appropriate for your situation.

Method 1 (recommended): Create the Local Security Authority host names that can be referenced in an NTLM authentication request

To do this, follow these steps for all the nodes on the client computer:

  1. Click Start, click Run, type regedit, and then click OK.

  2. Locate and then click the following registry subkey:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\MSV1_0

  3. Right-click MSV1_0, point to New, and then click Multi-String Value.

  4. In the Name column, type BackConnectionHostNames, and then press ENTER.

  5. Right-click BackConnectionHostNames, and then click Modify.

  6. In the Value data box, type the CNAME or the DNS alias, that is used for the local shares on the computer, and then click OK.

    Note Type each host name on a separate line.

    Note If the BackConnectionHostNames registry entry exists as a REG_DWORD type, you have to delete the BackConnectionHostNames registry entry.

  7. Exit Registry Editor, and then restart the computer.

Method 2: Disable the authentication loopback check

Re-enable the behavior that exists in Windows Server 2003 by setting the DisableLoopbackCheck registry entry in the

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa registry

subkey to 1. To set the DisableLoopbackCheck registry entry to 1, follow these steps on the client computer:

  1. Click Start, click Run, type regedit, and then click OK.

  2. Locate and then click the following registry subkey: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa

  3. Right-click Lsa, point to New, and then click DWORD Value.

  4. Type DisableLoopbackCheck, and then press ENTER.

  5. Right-click DisableLoopbackCheck, and then click Modify.

  6. In the Value data box, type 1, and then click OK.

  7. Exit Registry Editor.

  8. Restart the computer.

Note You must restart the server for this change to take effect. By default, loopback check functionality is turned on in Windows Server 2003 SP1, and the DisableLoopbackCheck registry entry is set to 0 (zero). The security is reduced when you disable the authentication loopback check, and you open the Windows Server 2003 server for man-in-the-middle (MITM) attacks on NTLM.

More Information

Applies to:

  • Microsoft Windows Server 2003 Service Pack 1, when used with:
  • Microsoft Windows Server 2003, Standard Edition (32-bit x86)
  • Microsoft Windows Server 2003, Enterprise Edition (32-bit x86)
  • Microsoft Windows Server 2003, Standard x64 Edition
  • Microsoft Windows Server 2003, Enterprise x64 Edition
  • Microsoft Windows Server 2003, Enterprise Edition for Itanium-based Systems
  • Microsoft Windows XP Professional Service Pack 2 (SP2)
  • Windows Server 2008 Standard
  • Windows Server 2008 Enterprise
  • Windows Server 2008 R2 Standard
  • Windows Server 2008 R2 Enterprise
To submit feedback regarding this article, please click this link: Send Article Feedback
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.

Spelling error in text

This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply except as noted in our Privacy Policy.
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

Oops! Something went wrong.

Please, try again later.

You have selected too large block!

Please try select less.

KB Feedback/Suggestion

This form is only for KB Feedback/Suggestions, if you need help with the software open a support case

By submitting, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.
This site is protected by hCaptcha and its Privacy Policy and Terms of Service apply except as noted in our Privacy Policy.
Verify your email to continue your product download
We've sent a verification code to:
  • Incorrect verification code. Please try again.
An email with a verification code was just sent to
Didn't receive the code? Click to resend in sec
Didn't receive the code? Click to resend
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

error icon

Oops! Something went wrong.

Please, try again later.