02-21-2019 07:12 AM - edited 02-21-2019 07:15 AM
Hi all.
After a workaround made on a vulnerability CVE-2018-8581 (https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8581)
reg delete HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa /v DisableLoopbackCheck /f
all the exchange restores started to fail with the following error in the job log:
11:19:28 (2974747.001) ERR - unable to create object for restore: \\server_name\Microsoft Information Store\MBX13\Database, rai error = 6
In the EWS log on the exchange server found this:
[583c] 02/20/19 11:19:27 AutoDiscover Failed in locating the url The Autodiscover service couldn't be located.
[583c] 02/20/19 11:19:28 Could not use...... webserviceurl https://mail.name.domain/EWS/Exchange.asmxThe request failed. The remote server returned an error: (401) Unauthorized.
Exchange 2013, Netbackup 8.1 on Windows 2012, Netbackup 5330 Appliace
Anybody experienced this already and have any suggestion or solution?
thank you
Marian
02-21-2019 10:47 AM
When I follow your Microsoft link, it says the vulnerability has not been publicly disclosed and it has not been exploited. I had to click through acceptance of terms of service to get to it.
NetBackup uses Exchange Web Services (EWS) to restore mail items. We get a URL for EWS by calling the EWS autodiscover API provided by Microsoft. It appears that you have disabled EWS autodiscovery.
Please look for this error in the ncfgre log and share any extra information you may find relating to this error. When autodiscover fails, NetBackup then uses PowerShell to try to construct a working URL. You should find evidence of this in the ncfgre log and the monad log.