Video Screencast Help

Backup Exec 2010 R3 Trust Relationship error?

Created: 04 May 2011 • Updated: 04 May 2011 | 6 comments
This issue has been solved. See solution.

Just upgraded to  2010 R3  from 2010  and this morning all my backups are failing for the same error.

"Final error: 0xe0009b86 - Backup Exec cannot connect to the remote agent because a trust relationship was not established between the remote agent and the media server. To establish a trust relationship, add the remote agent to the Favorite Resources in the backup selection tree."  How do you add the remote agent to the Favorite Resources in the backup selection tree? I installed the remote agent on all the servers. Test Run passed.

Thanks.

Bill

Comments 6 CommentsJump to latest comment

BowlingSS's picture

I think I found the problem. Not all the servers failed. Let me do more checking.

Bill

SOLUTION
Colin Weaver's picture

R3's new security implementation (TLS/SSL) to minimize Man-in-the-middle attacks is likely to be the cause of your problem.

A push install of remote agents should configure the security trusts correctly however if you can't push install then some manual steps are required. A Trust prompt should be triggered if you browse to an affected remote system within a backup selection list inside the BE console. You you have to acknowledge this trust to configure the remoet agent.

 

You also should be able to check trusted media servers by running VXMon.exe on the remote server.

 

 

 

fwolf's picture

Hello everybody,

I need to know how the trust realtionshship between the mediaserver and a linux agent may be established or how I can disable this new 'feature'.

Regards

Kiran Bandi's picture

You must add a remote Linux or UNIX computer to User-defined Selections in the backup selections list to establish a trust relationship between the media server and the remote computer.

Refer: http://www.symantec.com/docs/TECH156427

Regards......

fwolf's picture

Thanks for your help. Could you tell me how it works with servers that are backuped by IP? I have some servers where the lines in the selectionlists look like this one:

\\192.168.X.X\[ROOT]/etc/*.* /SUBDIR

Erick Michalski's picture

Way to go Symantec. Unfortunately, I'm more worried about all of the backup jobs failing than "man-in-the-middle" attacks on my local network. Fixing non-existent security issues on 150 servers was how I wanted to spend my day anyway. Does anyone know if this can be disabled?