Standalone backup agent for Microsoft Windows servers and workstations (formerly Veeam Endpoint Backup FREE)
Post Reply
GeraldS
Novice
Posts: 4
Liked: 2 times
Joined: Mar 28, 2019 8:18 am
Full Name: Gerald Schneider
Location: Rostock, Germany
Contact:

Veeam trying to authenticate against AD with self signed certificates.

Post by GeraldS »

After we started to deploy managed instances of the Veeam Agent we noticed an increased activity of failed logins in our Active Directory audit log originating on our Veeam Backup & Replication server.

The "user agents" are in the following form:

Code: Select all

x509n:<s>cn=8b41492a-f228-47a2-b1b5-25dec8af8768,6
x509n:<s>cn=9261cec5-f131-4797-a635-af4472f8e11a,6
x509n:<s>cn=a1a65e62-91a3-48fd-80f1-9d596c47f23d,6
When we searched the Veeam logs for these UUIDs we found out that they correspond to self signed certificates created by Veeam.

These failed logins don't impact the backups, they succeed. It's just that our AD team has asked us to investigate these failed logins.

Why is the Veeam Agent (or VBR) trying to use these self signed certificates to authenticate against Active Directory, and how can we stop it?

HannesK
Veeam Software
Posts: 11218
Liked: 2130 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Re: Veeam trying to authenticate against AD with self signed certificates.

Post by HannesK »

Hello,
sounds strange... what is the support case number for that issue?

Additional to Veeam logs, please do also upload the AD audit logs that we can check that.

Thanks,
Hannes

GeraldS
Novice
Posts: 4
Liked: 2 times
Joined: Mar 28, 2019 8:18 am
Full Name: Gerald Schneider
Location: Rostock, Germany
Contact:

Re: Veeam trying to authenticate against AD with self signed certificates.

Post by GeraldS »

I haven't opened a support case yet. I was hoping someone else might have run in the same problem.

zd14a
Lurker
Posts: 2
Liked: never
Joined: Jul 11, 2017 9:10 am
Contact:

Re: Veeam trying to authenticate against AD with self signed certificates.

Post by zd14a »

Hi, we see this kind of login attempts made by Veeam as well. We're also wondering what's happening there and how we can prevent Veeam from doing this.

HannesK
Veeam Software
Posts: 11218
Liked: 2130 times
Joined: Sep 01, 2014 11:46 am
Full Name: Hannes Kasparick
Location: Austria
Contact:

Re: Veeam trying to authenticate against AD with self signed certificates.

Post by HannesK »

Hello,
can you please provide a case number with logs that we can have a look at it?

Thanks,
Hannes

TDog
Novice
Posts: 4
Liked: never
Joined: Feb 07, 2016 3:22 pm
Full Name: Tom Mucha
Contact:

Re: Veeam trying to authenticate against AD with self signed certificates.

Post by TDog »

GeraldS wrote: Mar 14, 2022 8:39 am These failed logins don't impact the backups, they succeed. It's just that our AD team has asked us to investigate these failed logins.

Why is the Veeam Agent (or VBR) trying to use these self signed certificates to authenticate against Active Directory, and how can we stop it?
We noticed the same very recently, ever find a solution? I found the offending cert in the local cert store on the agent machine, wonder if I have to deploy a local CA that is trusted by AD to resolve this. https://helpcenter.veeam.com/docs/backu ... ml?ver=110

Post Reply

Who is online

Users browsing this forum: No registered users and 7 guests