PowerProtect:虚拟机备份或还原失败,并显示 DD 错误 — 用户访问权限不足

Summary: PowerProtect Data Manager 虚拟机 (VM) 备份或还原因 PowerProtect 访问失败而失败,“用户访问权限不足”。此问题会影响 Transparent Snapshot (TSDM) 和 VMware vStorage API for Data Protection (VADP) 保护机制。

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

无论是备份或还原、TSDM 还是 VADP,主要故障都来自 PowerProtect DD Boost 错误“[5075] 用户访问权限不足。”此问题不仅会影响虚拟机,还会影响任何资产类型。

PowerProtect Data Manager 和 PowerProtect DD 上的存储单元凭据正确且匹配。

虚拟机备份失败

  • 错误代码ABV0010或ABV0040
  • 作业错误失败示例,在“错误”下阅读更多>内容:

PowerProtect Data Manager 服务器端的 TSDM 或 VADP 备份失败:

Cannot connect to backup server 'ddve01.amer.lan':  [5075] the user has insufficient access rights

VM Direct Engine 端的 VADP 备份失败:

Backup has FAILED.  Unable to open session to target device "ddve01.amer.lan".  Unable to open DDBoost connection to PowerProtect DD System host "ddve01.amer.lan":  [5075] the user has insufficient access rights

TSDM 服务端(在 ESXI 上)上的 TSDM 备份失败:

Unable to successfully complete SDM Full Sync operation.  The error cannot be retried.  The vCenter task for 'SDM Snapshot Sync Full' completed with state 'error'.  TSDM Error Code: <TargetDataDomainUnreachable>, TSDM Error Message: <Unable to connect to target DataDomain host. Error message: Failed to connect to '192.168.9.106', conn_config_ver='6', err=the user has insufficient access rights>.

 

虚拟机还原失败

  • 错误代码 ARV0019 或 ARV0012
  • 作业错误失败示例,在“错误”下阅读更多>内容:

VADP 虚拟机还原为新虚拟机(无即时访问):

Session '55d09f33-5212-457b-a092-62479749d7b7' is unsuccessful: Unable to open session to backup path device 'ddve01.amer.lan':  [5075] the user has insufficient access rights

TSDM 虚拟机还原为新虚拟机(无即时访问):

Session '14274430-cb74-46e1-b554-9f32a033d622' is unsuccessful: Unable to perform full-restore SDM operation.  The error cannot be retried.  The vCenter task for 'SDM Commit Restore' completed with state 'error'.  TSDM Error Code: <TargetDataDomainUnreachable>, TSDM Error Message: <Unable to connect to target DataDomain host. Error message: Failed to connect to '192.168.9.106', conn_config_ver='6', err=the user has insufficient access rights>.

 

ESXI 上的 tsdm.log 出错

日志位置:/var/run/log

2025-07-04T13:52:01.474Z In(30) tsdm[2099861]: error TSDM[0x0000000bd7b05700] [sub=DdBoostLogger]: ddBoostLogger.cpp:69 WriteDDBoostLog: [2099861:50863298304] ddp_connect_with_config_internal() failed, Hostname: 192.168.9.106, Err: 5075-DDBOOST Error 1 for lookup /data/col1/ on 192.168.9.106 (nfs: Operation not permitted)
2025-07-04T13:52:01.475Z In(30) tsdm[2099861]: error TSDM[0x0000000bd7b05700] [sub=DdBoostLogger]: ddBoostLogger.cpp:69 WriteDDBoostLog: [2099861:50863298304] ddp_connect_with_config() failed, Hostname: 192.168.9.106, Err: 5075-DDBOOST Error 1 for lookup /data/col1/ on 192.168.9.106 (nfs: Operation not permitted)
2025-07-04T13:52:01.475Z In(30) tsdm[2099861]: error TSDM[0x0000000bd7b05700] [sub=SdmDdLog]: ddBoostFacade.cpp:1338 CreateConnectStatus: {DdBoostFacade SdmOpId=[protectedEntity='503e32bf-fe66-4bb8-9458-4529cd6a3770',cycleSession='1751637121228012',traceId='9602a7797e6b9607;a1ca62527c3d68d9']} Failed to connect to '192.168.9.106', conn_config_ver='6', err=the user has insufficient access rights

 

VM Direct 引擎出错 

日志位置:在 PowerProtect Data Manager 上:/opt/emc/vproxy/runtime/logs/recycle/vproxyd/<date> |在外部 VM Direct 引擎上:/opt/emc/vproxy/runtime/logs/recycle/vrecoverd/<date>

2025-07-04T13:51:08.255Z ERROR:  [bc870f76a749fa13;93a2a1e374948f99] Unable to open session to backup path device 'ddve01.amer.lan':  [5075] the user has insufficient access rights
2025-07-04T13:51:08.255Z INFO:   [bc870f76a749fa13;93a2a1e374948f99] Disconnected from session on vCenter 'vcsa.amer.lan'.
2025-07-04T13:51:08.255Z ERROR:  [bc870f76a749fa13;93a2a1e374948f99] Unable to recover to a new VM. Unable to open session to backup path device 'ddve01.amer.lan':  [5075] the user has insufficient access rights

Cause

上面记录的故障是由于允许访问 PowerProtect DD 上的 DD Boost 的受限客户端列表导致的。在本例中,对等 ESXI 或 VM Direct 引擎尚未添加到 PowerProtect DD 受限客户端列表中。这些故障是预期的并且按设计正常工作,要解决必须纠正 PowerProtect DD 配置的问题。

如何确认 PowerProtect DD 受限客户端列表是故障的根源:

1.)通过 ssh 连接到 PowerProtect DD。

2.)运行以下命令以显示当前配置和被授予访问权限的客户端。当不在允许列表中的客户端或主机尝试运行备份或还原时,PowerProtect DD 会按预期拒绝它们。

ddboost client show config

PowerProtect DD 默认设置将位于所有客户端的下方,用 * 表示客户端,如下所示。如果 PowerProtect DD 具有以下配置,则问题与本文不匹配。

Resolution

在 PowerProtect Data Manager 环境中添加需要访问 PowerProtect DD 以进行备份和还原的任何主机。

示例:

1.)通过 ssh 连接到 PowerProtect DD。

2.)运行以下命令,为任何缺失的主机添加所需的 PowerProtect DD 访问权限,以执行备份和还原。PowerProtect Data Manager、VM Direct Engines 应包含在列表中。

替换以下参数以匹配您的环境(包括 <>):

  • <>拒绝使用 PowerProtect DD 的主机 FQDN 进行 ddboost 访问的your_hostname。
ddboost client add <your_hostname>


有关 PowerProtect DD 的任何其他问题都应转至 PowerProtect DD 支持。

Affected Products

PowerProtect Data Manager, PowerProtect Data Manager Software
Article Properties
Article Number: 000340816
Article Type: Solution
Last Modified: 07 Aug 2025
Version:  1
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.