none
DPM 2019 unable to connect to vcenter RRS feed

  • 質問

  • Freshly installed DPM 2019.  I have a 3rd party cert installed on vcenter.domain.com.  I can connect to server with no cert issues.  I add server to DPM, and I get Error ID: 33623 Internal error code 0x80990EF2.  I've tried the vsphere admin account, special DPM account, and an AD admin account, and I get same error.  I also did the regedit so that it ignores the cert trust and same issue.  Vsphere is 6.7 update 2.
    2019年8月8日 20:36

すべての返信

  • Hello Michael,

    You will receive either the 0x80990EF2 or 0x8099DEF2 error when trying to add the ESX server to DPM, if the credentials are incorrect, of if there is no valid trusted certificate, or if the ESX server has the lockdown option enabled because it’s being managed by vCenter.

    For DPM to be able to communicate securely with a VMware server, a certificate is used. 
    DPM connects to VMware via the HTTPS protocol, so the certificate that is installed on VCenter or ESX host must be trusted by the DPM server.

    Each ESX server will have its own certificate, however if the vCenter server is added as a protected server, you do not have to deal with the certificates of all the other ESX servers that are managed by that vCenter server.

    You can export the vCenter certificate from the browser (View certificate > Details > Copy to file) and add it to the Trusted Root Certification Authoritiesof the DPM server.

    The following table captures the privileges that you need to assign to the user account that you create:

    Also make sure your firewall is not blocking the communication.


    The official documentation provides step-by-step information how to accomplish this:
    Use DPM to back up and restore VMware virtual machines

    Here's also video guides:
    Four simple steps to backup VMware VMs using SC DPM

    Best regards,
    Leon


    Blog: https://thesystemcenterblog.com LinkedIn:

    2019年8月9日 6:33
  • All of those are correct.  

    1. The cert on vcenter is a 3rd party, but I added it to trusted root anyway, no fix.

    2. Tried 3 sets of different creds, same error.  The other creds were the admin accounts.

    3. vCenter is not in lockdown mode, I can still connect to the individual ESXi servers

    I do see alot of error around:

    "System.IO.IOException: Authentication failed because the remote party has closed the transport stream"

    "The underlying connection was closed: an unexpected error ocurred on a send."

    "VMWareErrorCode = ConnectFailed"

    These are plain jane servers, I wondering if vmware wants TLS 1 and windows is talking TLS 1.2?  or vice versa?  Has the default been changed?

    2019年8月9日 19:40
  • If you’re running DPM 2019 on Windows Server 2016, you will need to enable .NET to let the operating system choose the SSL/TLS protocols, and you need to enable TLS 1.2.

    If you use DPM 2019 on Windows Server 2019, then you only need to enable .NET because the TLS 1.2 is enabled by default.

    You can follow the guide written by Charbel over here:

    https://charbelnemnom.com/2019/03/whats-new-in-system-center-2019-data-protection-manager-dpm-scdpm/


    Blog: https://thesystemcenterblog.com LinkedIn:

    • 回答の候補に設定 Leon Laude 2019年8月20日 7:06
    2019年8月9日 19:49
  • Hi,

    Is there any update?

    (Please don't forget to mark helpful replies as answer)


    Blog: https://thesystemcenterblog.com LinkedIn:

    2019年8月13日 7:11