NetWorker：守护程序日志中的 SQL 备份错误 “无法从'<clientname>读取请求 GSS 身份验证状态更新”

NMM/SQL 备份在 以下服务器 的守护程序日志中存在错误：
nsrexecd NSR critical Unable to authenticate user USERNAME: Unable to read request from 'CLIENTNAME' for a GSS authentication status update: Connection reset by peer. Consult CLIENTNAME s daemon log for additional information.

客户端守护程序有错误：
nsrexecd NSR notice 06/28/16 17:19:42.763849 Encountered BSAFE SSL error: The SSL read operation did not complete

如果在调试 1 或 2 模式下运行，则 NW 服务器上的模拟可能会出现以下错误：
 
nsrexecd NSR critical Unable to authenticate user USERBANE/CLIENTNAME@DOMAINNAME: Unable to read request from 'CLIENTNAME' for a GSS authentication status update: Connection reset by peer. Consult CLIENTNAME's daemon log for additional information

身份验证由于无法打开创建的管道而失败，并回退到弱身份验证：
 
06/30/16 12:54:11.244790 DEBUG: the pipe name -> \\CLIENTNAME\pipe\nsridentity2ce0
06/30/16 12:54:11.244790 DEBUG: failed to open pipe
06/30/16 12:54:11.416677 RPC Authentication: error in LookupAccountSid: No mapping between account names and security IDs was done. (Win32 error 0x534)
06/30/16 12:54:11.432303 An unexpected error occured in file: rpc/lib/gsslgtov1.c, line: 2756, message = "Could not open file"
101036:save: Falling back to a weaker RPC authentication flavor since GSS authentication failed: Authentication error; why = GSS-API context problem
06/30/16 12:54:11.432303 Setting DNS cache TTLs to 1800 secs for positive lookups and 1800 secs for negative lookups
79355:save: Could not get session key from CLIENTNAME for GSS authentication with NW_SERVERNAME: Authentication error; why = GSS-API context problem
 

当 SQL 代理程序 sqlagent.exe 由于安全要求，以 不是 本地管理员帐户的用户帐户身份运行。
NW 备份使用同样不是本地管理员帐户的 SQL 代理帐户（具有模拟）触发。
 

此问题已找到以下解决方法：

• 删除强身份验证 （nsrauth） from the SQL hosts， so they use oldauth 。
• 将 SQLAGENT 用户帐户设为 SQL 主机上的本地管理员（并重新启动 SQL Server 服务） 
• 从 Windows 任务计划程序启动作业
• 从命令行手动启动作业