I am experiencing a persistent "Access Denied" error when attempting to add/rescan a Hyper-V host from my Veeam Backup & Replication server.
Environment:
VBR Server: Windows Server 2022 (Workgroup)
Hyper-V Host: Windows Server 2019 (Workgroup)
Issue: Event ID 10036 on the Hyper-V host.
Error Detail: "The server-side authentication level policy does not allow the user HOST1\veeam [...] from address 10.100.10.22 to activate DCOM server. Please raise the activation authentication level at least to RPC_C_AUTHN_LEVEL_PKT_INTEGRITY in client application."
Verified Steps Performed:
Registry: Applied RequireIntegrityActivationAuthenticationLevel=0 and ActivationSecurityCheckExempt=1 in HKLM\SOFTWARE\Microsoft\Ole\AppCompat.
Permissions: Granted 'Remote Launch' and 'Remote Activation' rights in dcomcnfg for the service account.
Local Policy: LocalAccountTokenFilterPolicy is set to 1 on both machines.
Connectivity: Verified that WinRM (PowerShell) connectivity from VBR to Hyper-V is fully functional (Enter-PSSession works correctly using the service account credentials via IP).
Request:
The WinRM layer is functional, but DCOM activation is being rejected by the Windows Server hardening policy on the Hyper-V host. Since manual registry/DCOM adjustments failed to bypass the RPC_C_AUTHN_LEVEL_PKT_INTEGRITY requirement, please provide the specific configuration or internal Veeam component adjustment required to force the deployment service to meet these integrity requirements in a non-domain environment.
-
mihoo
- Novice
- Posts: 3
- Liked: never
- Joined: Mar 24, 2023 12:19 pm
- Full Name: Darek
- Contact:
Who is online
Users browsing this forum: No registered users and 24 guests