#1 Global Leader in Data Protection & Ransomware Recovery
#1 Global Leader in Data Protection & Ransomware Recovery

Credentials Test or Job Fails when attempt to use VIX

KB ID: 1788
Product: Veeam Backup & Replication | 9.5 | 10 | 11 | 12
Published: 2013-07-08
Last Modified: 2021-08-18
Languages: IT | FR | ES
mailbox
Get weekly article updates
By subscribing, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.

Cheers for trusting us with the spot in your mailbox!

Now you’re less likely to miss what’s been brewing in our knowledge base with this weekly digest

error icon

Oops! Something went wrong.

Please try again later.

Challenge

When using Veeam Backup & Replication with a VMware environment the following error may be seen when using the Guest Credentials Test or when processing a VM that is in a DMZ or Isolated environment. 
Failed to prepare guest for hot backup. Error: Failed to connect to guest agent. Errors:
Cannot connect to the admin share. Host:  [vm.domain..tld]. Account: [VM\backupsvc].
Win32 error:The network path was not found.
 Code: 53
Cannot connect to the admin share. Host:  [192.168.1.42]. Account: [VM\backupsvc].
Win32 error:Access is denied.
 Code: 5
In this example, two attempts can be seen. The first is a failure to connect directly because the VM is in a different network. The second is the VIX-related failure due to "Access is denied."
Log File Examples
Task.<vmname>.<morefid>.log in C:\ProgramData\Veeam\Backup\<job_name> on Veeam Server 
Error        Failed to install via  VMWare Api
Error        Failed to connect to guest process (VIX) (Veeam.Backup.VssProvider.VssVixException)
Error        Failed to connect to guest service via vSphere API (Veeam.Backup.VssProvider.VssVixException)
Error        Failed to connect to guest service via web service (Veeam.Backup.VssProvider.VssVixException)
Error        Cannot connect to host [192.168.1.42] over web services. Login: [vsphere.local\administrator]. Guest Login: [VM\backupsvc].
Error        Failed to execute Pwdkey
Error        Failed to execute vSphere API command: [Failed to set registry value BiosUUID 
Error        Failed to create SOFTWARE\VeeaM\Veeam Backup and Replication registry key 
Error        Win32 error:Access is denied.
VeeamVixProxy_ddmmyyyy.log in C:\ProgramData\Veeam\Backup of Guest OS 
INFO    ================================================================================================
INFO    VeeamVixProxy started.
        Command line: ["C:\Windows\TEMP\{1a30c420-1237-4b91-8163-e3c9f029460d}" -func Pwdkey -out "C:\Windows\TEMP\{5c44eb01-7a6f-4cc6-a25e-6ddc2f6324a6}"]
WARN        Failed to check is directory exist
WARN        Win32 error:Access is denied.
WARN         Code: 5
WARN        Failed to check is directory exist
WARN        Win32 error:Access is denied.
WARN         Code: 5
        Generated key
ERR     Error: 
ERR         Failed to set registry value BiosUUID 
ERR         Failed to create SOFTWARE\VeeaM\Veeam Backup and Replication registry key 
ERR         Win32 error:Access is denied.
ERR          Code: 5
WARN        Failed to check is directory exist
WARN        Win32 error:Access is denied.
WARN         Code: 5

Cause

Veeam Backup & Replication uses the VIX API as a network-less connection method to perform Guest Processing when a VM cannot be contacted directly via RPC. Due to the way VIX operates, it is blocked by Windows User Account Controls. Also, because VIX relies on VMware Tools, if VMware Tools is out of date, issues may occur.

Solution

In VMware environments, Veeam Backup & Replication can use two methods to connect to a guest: RPC or VIX. If RPC is testing successfully, it is generally acceptable for the VIX test to fail as it will not likely be used.

Ensure the correct account is used

To use VIX for Guest Processing, one of the two following accounts must be specified for Guest Processing:

  1. The Built-in Administrator (i.e., hostname\Administrator)

    Note:     This must be the original Built-in Administrator who has a SID that ends in -500. This user is unique and has the ability to bypass Windows User Account Controls. Even if the account was renamed, it will work.
     
  2. The Domain Administrator (i.e, domain\Administrator)

Troubleshoot VMware Tools

  • If issues with VIX connectivity persist, confirm that VMware Tools is up-to-date for the VM to be protected.
    For information regarding issues when upgrading VMware tools, please reference: https://kb.vmware.com/kb/1001354
  • Uninstall VMware Tools, and reinstall VMware Tools.
    For information regarding uninstalling VMware tools from the command line: https://kb.vmware.com/kb/2010137

 

Note: If the Veeam Server, which acts as the default Guest Interaction Proxy, is in an isolated network, separate from the production VMs, RPC will fail. In such a situation, building a dedicated Guest Interaction Proxy
that sits in both the isolated and production networks may be preferable to allow for RPC-based Guest Processing.

More Information

If none of the provided account options are viable, it is possible to disable UAC. This will allow all accounts to be used for VIX-based networkless guest processing. This option should be considered a last resort as it involves disabling a major Microsoft Windows OS security feature.

For more information regarding disabling UAC under 2012 and 2012 R2, please review the following: http://social.technet.microsoft.com/Forums/windowsserver/en-US/0aeac9d8-3591-4294-b13e-825705b27730/how-to-disable-uac?forum=winserversecurity

In a blog post regarding Windows 10 and UAC Microsoft has stated "Disabling UAC on Windows 10 puts you into an untested and unsupported configuration. It also blocks your ability to run many modern applications."

To submit feedback regarding this article, please click this link: Send Article Feedback
To report a typo on this page, highlight the typo with your mouse and press CTRL + Enter.

Spelling error in text

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

Oops! Something went wrong.

Please try again later.

You have selected too large block!

Please try select less.

KB Feedback/Suggestion

This form is only for KB Feedback/Suggestions, if you need help with the software open a support case
By submitting, you are agreeing to have your personal information managed in accordance with the terms of Veeam's Privacy Notice.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Verify your email to continue your product download
We've sent a verification code to:
  • Incorrect verification code. Please try again.
An email with a verification code was just sent to
Didn't receive the code? Click to resend in sec
Didn't receive the code? Click to resend
Start using Veeam:
Download the product
&
Activate the license key
Thank you!

Thank you!

Your feedback has been received and will be reviewed.

error icon

Oops! Something went wrong.

Please try again later.