“For security reasons DTD is prohibited in this XML document” error in Veeam Backup for Microsoft Office 365
Challenge
Cause
When the library receives an authorization request it, among other things, tries to resolve and reach msoid.onmicrosoft.com and msoid.<your-organization-domain>.onmicrosoft.com.
Most internet service providers cannot resolve those names.
CSOM library can ignore those sites being unreachable and keep working on your request, but only if it has received an HTTP error code (e.g. 404, 500, 503 etc).
However, some ISPs redirect unresolved DNS calls to their own DNS helper page which then returns status code 200 OK.
The library tries to authenticate through this "helper" page and fails with error “For security reasons DTD is prohibited in this XML document”.
Solution
- Depending on your ISP you can request to have this DNS relay feature disabled.
- Add 2 records to C:\Windows\System32\drivers\etc\hosts binding msoid domain with localhost IP 127.0.0.1
- Add a CNAME record on your DNS server as seen below:
Couldn't find what you were looking for?
Please select a spelling error or a typo on this page with your mouse and press CTRL + Enter to report this mistake to us. Thank you!
Spelling error in text
Do you have an issue or need post-sales technical assistance?
*if you need help choosing the right product, please select "Sales" chat
Do you need guidance on the website, upgrade hints or help with your licenses/accounts?
Questions regarding your Veeam contract renewal? Contact us and learn how you can maximize your savings
Do you need additional license, pricing details, product information or have any other sales-related question?
Would you like to become our partner or do you need assistance as our existing partner?
We apologize, but this chat is not available at the moment
We apologize, but this chat is not available at the moment
We apologize, but this chat is not available at the moment
We apologize, but this chat is not available at the moment
Veeam representative will get back to you shortly.
