these are our findings after some successful troubleshooting.
Problem:
When using the built-in Veeam.Backup.SqlChecker.vbs script in SureBackup with SQL Authentication on SQL Servers that have disabled legacy protocols (SSL, TLS 1.0), the connection fails with:
Error:
[DBNETLIB][ConnectionOpen (SECCreateCredentials()).]SSL Sicherheitsfehler
Root Cause:
The script uses the outdated SQLOLEDB.1 provider which doesn't properly support TLS 1.2.
Solution:
Modify the CheckInstance subroutine in the script to use the modern MSOLEDBSQL provider:
Find this line (around line 159):
Code: Select all
sConnString = "Provider=SQLOLEDB.1;Initial Catalog=master;Server=" & sInstanceCode: Select all
sConnString = "Provider=MSOLEDBSQL;Initial Catalog=master;Server=" & sInstance & ";TrustServerCertificate=true;Encrypt=false"Microsoft OLE DB Driver 19 for SQL Server must be installed on the Veeam server
Tested Configuration:
Veeam B&R 12
SQL Server 2014/2016+ with TLS 1.0/SSL disabled
Custom Application Group script with SQL Authentication
Works with both named instances (SERVER\INSTANCE) and default instances
Usage in SureBackup:
Configure as Custom Script in Application Group:
Path: %ProgramFiles%\Veeam\Backup and Replication\Backup\ModifiedSqlChecker.vbs
Arguments: %log_path% %vm_ip%\INSTANCENAME username password
Using the instance name also solves the sc problem, when connecting with a user whithout local admin rights on the SQL Server.