https://login.veeam.com/en/oauth?client_id=nXojRrypJ8&redirect_uri=https%3A%2F%2Fwww.veeam.com%2Fservices%2Fauthentication%2Fredirect_url&response_type=code&scope=profile&state=eyJmaW5hbFJlZGlyZWN0TG9jYXRpb24iOiJodHRwczovL3d3dy52ZWVhbS5jb20va2IyOTk4IiwiaGFzaCI6IjllZGNhMmYzLWU1ZWQtNDE3My05Y2E3LTFkYTBiZGJlMjhhYSJ9
1-800-691-1991 | 9am - 8pm ET
EN

Microsoft SQL Server Transaction Log are not truncated due to an error code 0x80004005 [TLS 1.0]

Challenge

When backing up a machine running a Microsoft SQL server where TLS 1.0 has been disabled, a job may fail with the error code 0x80004005 [TLS 1.0].
 


The following warning will be found on the server that is being protected by either Veeam Backup & Replication or Veeam Agent for Microsoft Windows, the path to the file containing this warning is listed below.

  • For a VM being processed by Veeam Backup & Replication:
        %ProgramData%\Veeam\Backup\VeeamGuestHelper_<dd.mm.yyyy>.log
  • For a server being backed up using Veeam Agent for Microsoft Windows:
        %ProgramData%\Veeam\Endpoint\<job_name>\Job.Backup.log
INFO    Connecting to mssql, connection string: Provider='sqloledb';Data Source='(local)\SQLINSTANCENAME';Integrated Security='SSPI';Persist Security Info=False, timeout: 15 
WARN        Code = 0x80004005 WARN        Code meaning = Unspecified error 
WARN        Source = Microsoft OLE DB Provider for SQL Server 
WARN        Description = [DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Security error. 
WARN    COM error:  Code: 0x80004005

Cause

The SQL Server being protected by Veeam is using a SQL OLE DB provider which does not support TLS 1.2

Solution

The direct solution to this situation is to review available updates for the SQL Server that is having this issue and ensure that TLS 1.2 is supported by the Microsoft OLE DB provider for SQL Server.

Please review: https://support.microsoft.com/en-us/help/3135244/tls-1-2-support-for-microsoft-sql-server
 



As a workaround, it is possible to force Veeam to request that the 'Native SQL Client Provider' be used instead of SQLOLEDB. This is done by adding a registry value to the Guest OS of the machine being protected by Veeam.

Please review the scenarios below and use the location and value specified:

  1. For a VM being protected by Veeam Backup & Replication:
    • Location: HKLM\SOFTWARE\Veeam\Veeam Backup and Replication
    • Value: UseSqlNativeClientProvider
    • Type: DWORD
    • Data: 1
       
  2. For machines being protected (managed or standalone) by Veeam Agent for Microsoft Windows:
    • Location: HKLM\SOFTWARE\Veeam\Veeam Endpoint Backup
    • Value: UseSqlNativeClientProvider
    • Type: DWORD
    • Data: 1
       
  3. For SQL Failover Clusters protected by Veeam Agent for Microsoft Windows via a job in Veeam Backup & Replication with the option Backup logs periodically an additional value must be specified (the value in  HKLM\SOFTWARE\Veeam\Veeam Endpoint Backup also still remains the place).
    • Location: HKLM\SOFTWARE\Veeam\Veeam Backup and Replication
    • Value: UseSqlNativeClientProvider
    • Type: DWORD
    • Data: 1


No server restart is required, registry key will be checked on next job run.

More information

KB ID:
2998
Product:
Veeam Agent for Microsoft Windows, Veeam Backup & Replication
Version:
All
Published:
2019-09-03
Last Modified:
2020-08-13
Please rate how helpful this article was to you:
4.9 out of 5 based on 4 ratings
Thank you for helping us improve!
An error occurred during voting. Please try again later.

Couldn't find what you were looking for?

Below you can submit an idea for a new knowledge base article.
Report a typo on this page:

Please select a spelling error or a typo on this page with your mouse and press CTRL + Enter to report this mistake to us. Thank you!

Spelling error in text

Knowledge base content request
By submitting, you agree that your personal data will be managed by Veeam in accordance with the Privacy Policy.
Your report was sent to the responsible team. Our representative will contact you by email you provided.
We're working on it please try again later