NMM Active Directory Granular backup fails with Authentication error; Client credential too weak

Summary: NetWorker Module for Microsoft (NMM) fails manual backups of Active Directory. The backup fails with Authentication error; Client credential too weak.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

NetWorker Module for Microsoft (NMM) fails manual backups of Active Directory.   

  • Example Command - this command is run from command line
nsradsave -b "PoolName" -s ServerName  -D 9  -l full "DC=amer,DC=lan"

 

Example Output 
 

C:\Program Files\EMC NetWorker\nsr\applogs>nsradsave -b dd1amerlan -s linux1 -l full "CN=users,DC=amer,DC=lan"

89613:(pid 3080): Unable to initialize SSL library: BSAFE FIPS library path was not set
200170:(pid 3080): unable to initialize multisubnet state: Authentication error; why = Client credential too weak
145072:(pid 3080): Unable to get port range from local nsrexecd: Failed to initialize ports using nsrexecd on dc.amer.lan: Authentication error; why = Client credential too weak
107092:(pid 3080):Version information for C:\Program Files\EMC NetWorker\nsr\bin\nsradsave.exe: Original file name: nsradsave.exe    
   Version: 19.11.0.17     Comments: Supporting Microsoft Volume Shadow Copy Service
53362:(pid 3080): Cannot start session with server linux1: Authentication error; why = Client credential too weak
Could not obtain root entries
Failed to initialize backup.
Authentication error; why = Client credential too weak

 

Cause

The root cause of this issue is known limitation with client initiated (manual) backups.  

  • This happens when the NetWorker Server and Client both have nsrauth in NSRLA "auth methods", for example,
auth methods:  "0.0.0.0/0, nsrauth"
  • This also happens if the NetWorker Server is linux and uses only nsrauth

 

Resolution

The limitation is documented in NMM Administration Guide.

Supported Active Directory backup and recovery types and configurations

NMM supports:
● Granular backups, which are performed at full and incremental levels.
● Granular recoveries, which are recoveries of individual Active Directory objects or object attributes.

NOTE: To back up and recover file system, and recover system state backups, use NetWorker.

NOTE: For successful client initiated backups, change the auth methods in NMM client to auth methods:

0.0.0.0/0,nsrauth/oldauth.
 

Article Properties
Article Number: 000200776
Article Type: Solution
Last Modified: 20 Jan 2026
Version:  6
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.