Veeam 12 Upgrade Failed – Root Cause Analysis and How the Issue Was Finally Resolved

Recently, due to security vulnerabilities, I was performing an upgrade to Veeam Backup & Replication version 12.3. Today, upgrading one Veeam instance failed. This article documents the analysis process and the solution.

Problem Analysis

According to the prompt, checking the log (SetupBackupCheckerBR_26_10_2025_20_50_44.log) shows the error content:

ERROR [PGSQL] 28000: SSPI authentication failed for user "postgres" (Npgsql.PostgresException)

From the error message, it can be seen that error code 28000 indicates authentication failure, and SSPI (Security Support Provider Interface) is an authentication mechanism used by Windows. This error is a PostgreSQL database authentication failure. Some possible causes for the error are:

• Windows user mismatch
• pg_hba.conf configuration issue
• Service account permission issues

I suspected it was due to a Windows user mismatch because I was logged in with my own domain account, while the account that installed this VBR was a different one. Since there was no authorization, it couldn't connect to the PostgreSQL instance.

So I checked the Veeam official explanation:

This error occurs when the account used to interact with the PostgreSQL instance is not authorized.

Sure enough, since my account wasn't authorized, it naturally couldn't perform the upgrade operation. The solution is quite simple: use the account that deployed the VBR installation to perform the upgrade operation.

Checking the C:\Program Files\PostgreSQL\15\data\pg_ident.conf configuration file:

This configuration file records the domain account used during the VBR installation. I didn't have the password for this account, and the colleague who owned it had already left the company, so it couldn't be used. In this case, the only option was to add a new domain account. You can refer to the following steps.

Solution

Check the Veeam PostgreSQL log (C:\Program Files\PostgreSQL\15\data\log), scroll to the end where the error occurred:

Add the above domain account to the C:\Program Files\PostgreSQL\15\data\pg_ident.conf configuration file:

Save the file, then re-run the upgrade operation:

Problem solved, upgrade completed.

If the hostname of the VBR host has been changed, you might also encounter this issue and need to update the pg_ident.conf file.

Note: Starting from Veeam 12, the underlying data storage can use a PostgreSQL database.

Why Veeam 12 Upgrade Failures Are Often Misleading

Many administrators assume a Veeam 12 upgrade failure is caused by installer bugs or corrupted packages. In reality, upgrade errors are frequently triggered by environmental issues such as:

• Insufficient disk space on system or configuration volumes

• Leftover services or locked processes

• Repository metadata inconsistencies

• Unsupported OS or missing prerequisites

These hidden problems often surface only during the upgrade process, making root cause analysis critical.

Key Lessons Learned from This Veeam 12 Upgrade Case

This case highlights several important upgrade best practices:

• Always validate disk space and file system health before upgrading

• Stop all Veeam-related services cleanly

• Check Windows Event Viewer and Veeam logs, not just installer messages

• Do not ignore “non-critical” warnings shown during pre-checks

Veeam upgrades are reliable—but only when the environment is clean.

✅ Recommended Pre-Upgrade Checklist for Veeam 12

Before upgrading Veeam Backup & Replication, ensure:

• Backup repositories are online and healthy

• No active backup or replication jobs are running

• Windows updates are completed

• Antivirus exclusions are configured for Veeam directories

• A configuration backup has been taken

📌 External reference (Veeam official upgrade guide):
https://helpcenter.veeam.com/docs/backup/vsphere/upgrade_vbr.html

 

vCenter 8.0 Password Recovery from GRUB – Step-by-Step Root Access Guide

A few days ago, I installed vCenter 8.0 to use as a lab environment, but after installation, I found that no matter what password I entered, it was incorrect. After several attempts, I realized I had remembered the wrong password, so I'm documenting this article to help myself and others figure out what to do when you forget your vCenter password.

This article outlines the steps to reset the root password on the ESXi host where vCenter is installed, including reboot procedures, modifying command-line options, and using vDCA to generate a new administrator password.

Introduction

Losing administrative access to VMware vCenter 8.0 can quickly turn into a critical outage. Fortunately, VMware provides a supported way to recover the vCenter root password using GRUB mode, allowing administrators to regain control without reinstalling the vCenter Server Appliance (vCSA).

This guide explains how vCenter 8.0 password recovery from GRUB works, when to use it, and best practices to avoid future lockouts.

Resetting the root account password

1. First, to reset the root password, log in to the ESXi host where vCenter is installed and reboot vCenter.

2. Open the virtual console. When the Photon interface appears, press the "e" key to enter the "Options" settings.

3. After pressing "e", the GNU GRUB interface appears.

4. Add "rw init=/bin/bash" after "fips=1", then press "F10" or "Ctrl+X" to boot into the system.

   This mounts the root filesystem in read-write mode (rw) and specifies the system initialization process as the bash shell (init=/bin/bash), bypassing the normal login process and directly entering a command-line environment with root privileges, used for system troubleshooting (such as resetting passwords, modifying configuration files, etc.).

5. Enter the following commands in sequence:

   mount -o remount,rw / (Remount the already mounted filesystem with read-write permissions to the root directory)

   passwd root (Change the root password)

   Enter the new password

   Enter the new password again

   umount / (Unmount the root filesystem)

   reboot -f (Force reboot the system)

 
mount -o remount,rw / 
passwd root
New password
Retype new password
umount /
reboot -f

Modifying the vCenter password

1. Open the virtual console and press "Alt+F1" to enter the vc command-line interface.

2. Log in with the root account using the newly reset root password.

3. Enter "shell" to enable BASH.

4. Use the "vdcadmintool" command tool to reset the password. Enter the command "/usr/lib/vmware-vmdir/bin/vdcadmintool".

5. Select option 3, "Reset account password", to reset the account password. Enter "3" and press "Enter".

6. Enter "administrator@vsphere.local" and press "Enter". A random password will be generated.

7. Copy the generated random password, open the vc page in a browser, and log in.

8. After entering vc, click the account icon in the upper right corner and select "Change Password".

9. After changing the password, click confirm.

Conclusion

The vCenter 8.0 account password reset process is now complete. For newcomers to the IT field, especially those getting familiar with data center infrastructure, small issues like forgetting a password are actually great opportunities to understand the underlying system logic. It helps you better understand vCenter's boot process, the role of command-line tools (like passwd and vdcadmintool), and more.

However, prevention is always better than recovery—secure your vCenter access, monitor password policies, and document emergency procedures to stay in control of your virtual infrastructure.

Related troubleshooting guide:
https://anfuitblog.blogspot.com/2025/09/how-to-reset-vmware-vcenter-67-root.html

Fixing Veeam Agent Push Error – Emergency Manual Installation Guide for Windows & Linux

Introduction

When deploying workloads through Veeam Backup & Replication, administrators often rely on Veeam Agent push installation to simplify backup rollout across Windows or Linux hosts.
But when the push installation fails, backups cannot run, and organizations may be exposed to data loss.

This article explains how to troubleshoot the Veeam Agent Push Error and provides an emergency manual installation method to quickly restore protection on any system.

First, the Windows backup agent installation package can be downloaded from the Veeam official website.

Stage 1: Backup Agent Installation

1. After downloading the Windows backup agent installation package, right-click and run it as administrator.

2. Select "Next" by default.

3. Click "I Accept."

4. Wait for the backup agent installation to complete.

Stage 2: Creating a Recovery Image

1. After the backup agent installation is complete, by default, "Perform recovery media boot" is checked. Click "Finish."

2. You can customize the contents included in the recovery image; generally, select the middle two options.

3. Choose the storage path for the recovery image ISO (this path is on the local physical server).

4. Enter the username and password for shared access to retrieve this ISO file.

5. Click "Create" to create the recovery image.

6. The recovery image has been created. Check the recovery image at the specified path.

Stage 3: Creating a Backup Job

1. In the recently added items, select "Configure Backup."

2. Enter the backup job name.

3. Select full machine backup. (If the physical machine has an external dongle or other USB devices connected, check the "Include external USB drives" option.)

4. Generally, place the backup data into the Veeam backup repository.

5. Enter the backup console IP address, username, and password.

6. Select the backup repository.

7. Set the backup retention period to 7 days and configure the full backup retention duration.

8. Set the backup execution time.

9. Click "Finish" to complete the backup job creation.

10. When entering the backup console, the physical machine backup job will already exist.

Stage 4: Backup Test Verification

1. Open Veeam Agent for Microsoft Windows.

2. Select the backup job and manually perform a full backup.

3. The task will be triggered in the backup console.

4. Backup successful.

Conclusion

The Veeam Agent Push Error is common in enterprise environments, especially those with strict network or security policies.
By following the troubleshooting steps and applying the emergency manual installation method, you can restore backup functionality quickly and prevent future deployment failures.

Reliable agent installation ensures reliable backups—your last line of defense against data loss and ransomware.

See related troubleshooting:
https://anfuitblog.blogspot.com/2025/12/reviewing-case-where-veeam-backup.html

“Secure VBR Login & Console Best Practices”
https://anfuitblog.blogspot.com/2025/09/making-vbr-login-more-secure-complete.html

Fix the Veeam VBR v12.3 upgrade error

Reviewing a Case Where Veeam Backup Failed – Root Cause, Fixes & Prevention Tips

Introduction

Last Friday, a reporting database deployed on a virtualization platform experienced a service interruption because the underlying storage volume ran out of space, making the disk unwritable and unreadable. Since storage space couldn’t be freed up quickly, we decided to use Veeam Backup to rapidly restore a new database to resume business access as soon as possible.

However, during the database restoration using Veeam, I encountered an unexpected issue. This article will review the entire process and share relevant insights.

Case Overview – What Happened?

First, I confirmed that the daily backup tasks for the reporting database all showed as successful. Based on the backup status, the restore operation should have proceeded smoothly.

Next, I followed Veeam’s standard restoration procedure: creating a virtual machine, installing Oracle software, and deploying the Veeam Agent. Once everything was ready, I launched Veeam Explorer for Oracle to perform the database restore. But then an error appeared:

Cannot find autobackup files for the selected database on the backup repository. Make sure database backup is created with the latest available plug-in version and enable controlfile autobackup on the source server to prevent this error in future.

This error was surprising—if the backup tasks showed success every day, why couldn’t the restore proceed?

According to the error prompt, the backup set did not contain a backup of the control file. Veeam indicated that we should check whether the source database had the control file autobackup feature enabled in RMAN with the following configuration:

 
RMAN> show controlfile autobackup;

RMAN configuration parameters for database with db_unique_name RTP are:
CONFIGURE CONTROLFILE AUTOBACKUP OFF;

If this option wasn’t enabled, Veeam would not back up the control file by default. We later confirmed this in the backup directory:

 
root@veeamrepo01:/backupdata/backups/VeeamPluginUser_LinRman_42101602-3240-f20c-a1c7-1e9946f37a8e# ll c-*
ls: cannot access 'c-*': No such file or directory

The control file is critical for Oracle database recovery. Without it, restoration is impossible. To make matters worse, the original host where the reporting database resided couldn’t start due to storage issues—we were stuck!

Fortunately, the virtualization team promptly freed up some storage space, allowing the original host to reboot and the database to return to normal. I immediately enabled RMAN’s CONTROLFILE AUTOBACKUP configuration, restarted a database backup task in Veeam, and after the backup completed, checked whether the control file existed in the backup directory:

 
root@veeamrepo01:/backupdata/backups/VeeamPluginUser_LinRman_42101602-3240-f20c-a1c7-1e9946f37a8e/sqrptbak_rtpdb# ll c-*
-rw-r--r-- 1 veeamrepo veeamrepo 2248704 Nov 21 11:23 c-1857153753-20251121-00.vab
-rw-r--r-- 1 veeamrepo veeamrepo   17912 Nov 21 11:23 c-1857153753-20251121-00.vasm

Although the issue was resolved, this incident highlighted an important problem: when Veeam backs up an Oracle database, its ability to back up the control file depends on RMAN’s CONTROLFILE AUTOBACKUP configuration. This dependency wasn’t clearly highlighted during the Veeam backup task deployment, which can be misleading.

Afterward, I reviewed Veeam’s official documentation and found that it does include relevant information:

Therefore, I strongly recommend that teams using Veeam to back up Oracle databases promptly check whether the RMAN controlfile autobackup option is enabled on the source database. This ensures the backup set includes the control file and avoids complications during restoration.

Conclusions

This incident served as a wake-up call and offers the following takeaways and recommendations:

1. Backup validation is essential: A backup task showing "success" doesn’t guarantee the backup set is complete or usable. Regularly performing recovery drills is key to verifying backup validity.

2. Understand backup mechanism dependencies: When Veeam backs up Oracle databases, control file backup relies on RMAN’s CONTROLFILE AUTOBACKUP configuration. Be sure to enable this option on the source database to ensure the control file is included in the backup set.

3. Improve deployment and verification processes: When deploying Veeam backup tasks, clearly identify such dependency configurations and include them in initial checklists to avoid unusable backups due to configuration oversights.

4. Establish emergency communication protocols: During issues with underlying infrastructure like storage, timely communication and collaboration with relevant teams can buy more time and options for recovery.

Hope this experience sharing helps everyone better avoid similar risks in daily operations and ensures the reliability of database backup and recovery processes.

Related reading: Veeam Security Deep Dive – Malware & Ransomware Defense

fix Veeam VBR v12.3 upgrade fails

 Understanding Veeam Intelligence Functions – Smart Backup, Threat Detection & Automated Recovery

Introduction

Modern businesses need more than just backups—they need intelligent systems that can detect threats, reduce risks, automate protection, and accelerate recovery.
This is why Veeam Intelligence Functions have become a core part of the Veeam platform, especially with Veeam Backup & Replication v12/v13, where AI-powered features help organizations protect their data against ransomware, malware, and human error.

Veeam Intelligence, as the AI-powered assistant within the Veeam product family, is revolutionizing how we work. It’s not only built into Veeam Backup & Replication but also integrated into other Veeam products such as Veeam ONE, delivering intelligent support across the entire data protection ecosystem.

This article will focus on Veeam Intelligence’s applications within Veeam Backup & Replication; in future discussions, we’ll explore its unique value in other products like Veeam ONE.

Core Capabilities: Your 24/7 Expert Team

Veeam Intelligence is not merely a Q&A tool—it’s a full team of experts. Within Veeam Backup & Replication, whether you need an architect, support engineer, security advisor, or development engineer, it can assume the corresponding professional role. In other products like Veeam ONE, it demonstrates different expertise, providing intelligent support for monitoring, reporting, and analytics.

🏗️ Architect Role: Intelligent Advisor for System Design

When facing complex environment planning, Veeam Intelligence analyzes your VM count, business type, and RTO/RPO requirements to deliver comprehensive architectural design proposals. It not only helps predict storage growth and recommend optimal scaling timing but also identifies potential single points of failure and suggests redundancy solutions. Most importantly, it finds the most cost-effective hardware investment plan while meeting your business needs.

🔧 Support Engineer Role: Troubleshooting Powerhouse

When production issues arise, Veeam Intelligence rapidly analyzes error logs to pinpoint root causes. It doesn’t just check related configuration settings and uncover potential linked issues—it also provides clear, step-by-step troubleshooting guides to help you trace symptoms back to their true origins. Even better, it offers preventive measures to avoid recurrence.

🛡️ Security Advisor Role: Professional Guidance for Data Protection

When facing data security threats and compliance requirements, Veeam Intelligence acts like a dedicated security consultant, offering comprehensive protection recommendations. It not only analyzes current environment risks and suggests appropriate Malware Detection configurations but also provides defense strategies based on the latest threat intelligence. Notably, it delivers targeted security configuration guidance aligned with Veeam’s latest security feature updates from v12 to v13, ensuring your data protection framework consistently meets the latest security standards and compliance mandates.

💻 Development Engineer Role: Coding Partner for Automation

When you need to develop automation scripts or system integrations, Veeam Intelligence automatically generates PowerShell and Python script templates, provides REST API call examples, and delivers complete technical integration plans. This dramatically lowers the barrier to automation development, enabling tasks that once took weeks to be completed in just days.

Latest Highlight: Powered by enhanced foundational models and visible reasoning processes, each role can now see the AI’s professional analytical logic—ensuring accuracy and actionable recommendations.

New Features of Veeam Intelligence in Veeam Backup & Replication

Thanks to recent updates, Veeam Intelligence’s capabilities within Veeam Backup & Replication have taken a quantum leap. While similar features exist in other products like Veeam ONE, this article focuses specifically on VBR scenarios:

🎯 Fully Natural Language Conversations with Voice Input/Output Support

Imagine solving problems as easily as chatting with a colleague: “My backup job failed last night—error code 2934 affected my finance database backup. What should I do?” Veeam Intelligence fully understands your problem description and delivers precise solutions.

Even better, it supports voice input and output. Picture yourself sipping coffee in the morning, saying to your computer: “Give me a report on last night’s backups,” and the AI assistant instantly delivers a detailed summary. This natural interaction makes daily operations smoother and more enjoyable.

🎯 Thinking Mode Support

Veeam Intelligence follows mainstream AI trends by introducing Visible Thinking Process functionality—a now-standard feature in conversational AI. Veeam brings this convenience to the data protection field.

In Thinking Mode, the AI assistant reveals its full analytical process: from understanding the core problem, to querying relevant knowledge bases, to reasoning toward a conclusion. This transparent workflow lets you not only know “what” but also “why.”

This design helps users better understand the AI’s decision logic and enables them to ask follow-up questions about the reasoning process, creating truly meaningful human-AI dialogue experiences.

🎯 Basic and Advanced Modes

Veeam Intelligence offers two distinct working modes, striking a balance between usability and data privacy:

Basic Mode: Operates entirely on Veeam’s public knowledge base without sending your specific environment data to any external services. While it cannot access real-time data from your current VBR server, it’s sufficient for learning Veeam concepts, understanding best practices, or consulting configuration methods.

Advanced Mode: More powerful, this mode directly queries your VBR server information. It transmits relevant data from your backup server to Veeam’s AI model in the cloud, analyzes the data on your backup server, and provides tailored recommendations.