Unwanted connections from media server to unknown agents

Question

I'm setting up a Windows 2012 R2 server to replace my old BE 2014 media server that's currently running on 2008 R2. I'm getting a ton of Security-Kerberos errors that refer to servers in our campus domain but in different departments that I assume are running the BE agent. Netstat -an shows a bunch of established connections with these unwanted agents. I've uninstalled and reinstalled BE a couple of times to make sure that it's the cause. After I uninstalled, all of the unwanted connections immediately disappear and the errors stop showing up. After reinstalling, the connections and errors stared showing up again within 2 minutes. BE 2014 has all of the latest updates. Does anyone know of a way to prevent the BE media server from prostituting itself out across the domain?

Here is an example of the event viewer message. The messages are all the same except that there are dozens of different server names and targets. Also, there is no problem with my SPN configuration (which is what most internet searches refer to for this error). If I need to make a change to SPN related to BE, I can't find any documentation for that.

***

The Kerberos client received a KRB_AP_ERR_MODIFIED error from the server dsserver1$. The target name used was cifs/DSVERIDY.ad.unc.edu. This indicates that the target server failed to decrypt the ticket provided by the client. This can occur when the target server principal name (SPN) is registered on an account other than the account the target service is using. Ensure that the target SPN is only registered on the account used by the server. This error can also happen if the target service account password is different than what is configured on the Kerberos Key Distribution Center for that target service. Ensure that the service on the server and the KDC are both configured to use the same password. If the server name is not fully qualified, and the target domain (AD.CAMPUS.EDU) is different from the client domain (AD.CAMPUS.EDU), check if there are identically named server accounts in these two domains, or use the fully-qualified name to identify the server.

tr-be2014 · Answer

Too early to tell, but I may have solved this. I went into the Backup Exec Settings&gt;Discover Data to Back Up and unchecked the box "Discover servers that have data that has not been backed up." I'll let it stew overnight. If I see any more errors or unwanted connections in that time, I'll post. Otherwise, that's the fix.

Forum Discussion

Unwanted connections from media server to unknown agents

1 Reply

Related Content

Expire unwanted images

Unknown SLP name

URGENT: Restore unknown NetBackup tape

Deleting unwanted backup images from an active tape.

Storage Expiry leads to unwanted shortcut deletion

Recent Discussions

Backup Exec Job got canceled

BackupExec for Oracle 23ai?

Add Oracle DB in Backup Exec

Veritas Backup Exec version upgrade & migrate to another new Server

Veritas Backup Exec 23 - Slow Backup after Windows server 2019 upgrade