因此,我们已经尝试使用 Veeam Backup & Replication 一段时间了。我们为 Veeam Backup Server 设置了一个专用的 VM,它每天备份我们所有的基础设施组件。我们还没有获得许可证,所以这是我们正在测试的社区版本(版本11a 版本 11.0.1.1261 P20220302)
我们有几个虚拟机,其中有包含数据库的 SQL Server 实例。我们使用 Veeam 的应用程序处理选项来备份数据库并将其包含在备份文件中。
但是,当我们尝试从备份文件执行数据库还原时,无论是在 Veeam Backup Server 计算机还是另一台本地计算机上,我们都会遇到问题。我们按照中所述执行应用程序项还原Veeam B&R 文档然后执行以下步骤数据发布使用 Veeam SQL Explorer 到本地(暂存)SQL Server。我们尝试发布数据库、恢复 .BAK 文件,甚至直接保存 MDF 和 LDF 文件。由于缺少权限,所有操作均失败(请参阅下面的 Veeam SQL Explorer 日志)。
11/04/2022 00:17:32 21 (8876) Connecting to SQL Server localhost\SQL2019 using Windows authentication (username: WIN-KB0LJQ6QU6L\Administrator)...
11/04/2022 00:17:32 21 (8876) Connection completed successfully.
11/04/2022 00:17:32 21 (8876) Checking database version compatibility (server: Microsoft SQL Server 2014, database version: 782)...
11/04/2022 00:17:32 21 (8876) Target server (localhost\SQL2019) is identified as Microsoft SQL Server 2019 (version: 904).
11/04/2022 00:17:32 21 (8876) Connecting to SQL Server localhost\SQL2019 using Windows authentication (username: WIN-KB0LJQ6QU6L\Administrator)...
11/04/2022 00:17:32 21 (8876) Connecting to SQL Server localhost\SQL2019 using Windows authentication (username: WIN-KB0LJQ6QU6L\Administrator)...
11/04/2022 00:17:32 21 (8876) Validating account permissions for server 'localhost'...
11/04/2022 00:17:32 21 (8876) Validation completed successfully.
11/04/2022 00:17:33 16 (9136) Publishing database...
11/04/2022 00:17:33 16 (9136) Restore point ID: 3147eb18-d76a-47f1-ab4c-ec5a67dd81f1
11/04/2022 00:17:33 16 (9136) SQL server: localhost\SQL2019
11/04/2022 00:17:33 16 (9136) Database name: bigsoft_33o_vide
11/04/2022 00:17:33 16 (9136) Connecting to SQL Server localhost\SQL2019 using Windows authentication (username: WIN-KB0LJQ6QU6L\Administrator)...
11/04/2022 00:17:34 17 (11180) Getting Instant Recovery sessions...
11/04/2022 00:17:34 17 (11180) New USN value: 5113
11/04/2022 00:17:34 17 (11180) Loaded 0 Instant Recovery sessions
11/04/2022 00:17:34 17 (11180) Loading databases completed
11/04/2022 00:17:37 19 (9280) Getting Instant Recovery sessions...
11/04/2022 00:17:37 19 (9280) New USN value: 5114
...
11/04/2022 00:18:05 16 (9136) Database publish failed
11/04/2022 00:18:05 16 (9136) Error: Method failed with unexpected error code 3.
11/04/2022 00:18:05 16 (9136) Type: System.InvalidOperationException
11/04/2022 00:18:05 16 (9136) Stack:
11/04/2022 00:18:05 16 (9136) at System.Security.AccessControl.NativeObjectSecurity.CreateInternal(ResourceType resourceType, Boolean isContainer, String name, SafeHandle handle, AccessControlSections includeSections, Boolean createByName, ExceptionFromErrorCode exceptionFromErrorCode, Object exceptionContext)
at System.Security.AccessControl.FileSystemSecurity..ctor(Boolean isContainer, String name, AccessControlSections includeSections, Boolean isDirectory)
at System.Security.AccessControl.FileSecurity..ctor(String fileName, AccessControlSections includeSections)
at System.IO.FileInfo.GetAccessControl(AccessControlSections includeSections)
at Veeam.Engine.Security.FileAccess.GetAccessControl(String path, AccessControlSections sections)
at Veeam.Engine.Security.FileSystemSecurity.HasFileAccess(String accountName, String path)
at Veeam.Engine.FileSystem.LocalAccessChecker.GrantFileAccess(String filePath)
at Veeam.SQL.Core.Extensions.AccessCheckerExtension.CheckDatabaseFilesAccess(IAccessChecker accessChecker, IDatabaseFiles databaseFiles, String permissionSourceFolder)
at Veeam.SQL.Restore.Publish.RestorePointDatabasePublisher.Publish(ISqlBroker broker, ISqlConnectProvider sqlConnectProvider, IPublishConfig config, Boolean isClustered, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.DatabasePublisher.Publish(ISqlBroker sqlBroker, ISqlConnectProvider sqlConnectProvider, IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.DatabasePublisher.Publish(ISqlConnectProvider sqlConnectProvider, IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.DatabasePublisher.Publish(IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.LoggedDatabasePublisher.Publish(IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
11/04/2022 00:18:06 1 (6504) Database publish failed
11/04/2022 00:18:06 1 (6504) Error: Method failed with unexpected error code 3.
11/04/2022 00:18:06 1 (6504) Type: System.InvalidOperationException
11/04/2022 00:18:06 1 (6504) Stack:
11/04/2022 00:18:06 1 (6504) at System.Security.AccessControl.NativeObjectSecurity.CreateInternal(ResourceType resourceType, Boolean isContainer, String name, SafeHandle handle, AccessControlSections includeSections, Boolean createByName, ExceptionFromErrorCode exceptionFromErrorCode, Object exceptionContext)
at System.Security.AccessControl.FileSystemSecurity..ctor(Boolean isContainer, String name, AccessControlSections includeSections, Boolean isDirectory)
at System.Security.AccessControl.FileSecurity..ctor(String fileName, AccessControlSections includeSections)
at System.IO.FileInfo.GetAccessControl(AccessControlSections includeSections)
at Veeam.Engine.Security.FileAccess.GetAccessControl(String path, AccessControlSections sections)
at Veeam.Engine.Security.FileSystemSecurity.HasFileAccess(String accountName, String path)
at Veeam.Engine.FileSystem.LocalAccessChecker.GrantFileAccess(String filePath)
at Veeam.SQL.Core.Extensions.AccessCheckerExtension.CheckDatabaseFilesAccess(IAccessChecker accessChecker, IDatabaseFiles databaseFiles, String permissionSourceFolder)
at Veeam.SQL.Restore.Publish.RestorePointDatabasePublisher.Publish(ISqlBroker broker, ISqlConnectProvider sqlConnectProvider, IPublishConfig config, Boolean isClustered, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.DatabasePublisher.Publish(ISqlBroker sqlBroker, ISqlConnectProvider sqlConnectProvider, IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.DatabasePublisher.Publish(ISqlConnectProvider sqlConnectProvider, IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.DatabasePublisher.Publish(IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.LoggedDatabasePublisher.Publish(IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.AuditedDatabasePublisher.Publish(IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.StoringDatabasePublisher.Publish(IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Restore.Publish.PublishService.Publish(IPublishConfig config, ISqlActionsObserver observer, CancellationToken ct)
at Veeam.SQL.Explorer.Async.Publish.AsyncPublishDatabaseTask.Run(IProcessObserver observer, CancellationToken ct)
at Veeam.Presentation.Async.VisualAsyncTask.Execute(IProcessObserver observer)
请注意,Veeam 是作为本地系统帐户安装在 Veeam 备份服务器上的,使用 Windows 身份验证登录的用户属于管理员组。此外,我们在本地计算机中导入了备份,并测试了在 Windows Server 2019 上以用户“管理员”身份运行所有内容(Veeam 服务、Veeam 用户帐户和 sql explorer 服务),但权限问题仍然存在。
这个问题针对的是任何熟悉 Veeam 的人,或者任何了解通用错误消息以及如何通过在 Windows 中提供完全权限来绕过它的人。
答案1
联系支持人员后,发现问题在于我没有在备份中包含 SQL Server DATA 目录。我以为 Veeam 会帮我做这件事,因为它允许我激活应用程序处理。我不记得在文档中看到过有关此问题的任何详细信息,否则我可能会错过它。
也可以通过选择整个计算机进行备份或对 C 盘进行卷备份来缓解此问题。显然,建议无论如何都保存整个计算机以便立即恢复。
只要包含 DATA 目录,所有模糊错误就会消失。
答案2
请参阅所需权限:
https://helpcenter.veeam.com/docs/backup/explorers/vesql_permissions.html?ver=110
Veeam 服务账户在 mssql 上执行备份的最低权限:
引擎级别:查看任何定义、查看服务器状态
DB 级别:主:db_backupoperator、db_datareader
msdb:db_backupoperator、db_datawriter、db_datareader
您想要备份 trn-logs 的任何数据库:db_backupoperator、db_denydatareader
您的 Veeam 服务帐户也需要成为本地管理员组的一部分。
为了能够直接在 mssql 中执行恢复,需要 dbcreator 引擎级别角色。
为了正确设置,您需要将您的 Veeam 服务帐户更改为域用户。
简易模式:SQL 上的域管理员和系统管理员(如果您也想备份和恢复 AD 对象,您可以立即采用这种方式)