During a routine check of my provisioned Azure services, I noticed that my critical server was not being backed up. Here is a sample error report that I got.
Umm... what? I took a look at the troubleshooting steps and followed all the steps.
1) My server is protected by NSGs, but we do not limit outbound communication, so that was fine.
2) The agent seemed to be communicating (the portal was getting the correct information)
3) I attempted rebooting ( no luck) and reinstalling the guest agent (also no luck)
The only thing I could tell was that it stopped (a) the last time we patched and (b) it errors out on the "take snapshot" step.
I ended up contacting support and the problem ended up being that a .NET update had happened, and a couple of registry keys has been blown away. These registry keys have to do with the type of encryption used for TLS (by the .NET framework). For reference, here they are:
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v2.0.50727]
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v4.0.30319]
"SchUseStrongCrypto"=dword:00000001
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\.NETFramework\v2.0.50727]
"SchUseStrongCrypto"=dword:00000001
Adding these allowed me to get past the "take snapshot" step, and I started to have successful backups. Hope that helps!
No comments:
Post a Comment