Avamar: Back up to Data Domain failed with message "DDR_GET_AUTH_TOKEN" due to too many IP addresses
Summary: Avamar 19.1: Back up to Data Domain failed with message "DDR_GET_AUTH_TOKEN" due to too many IP addresses.
This article applies to
This article does not apply to
This article is not tied to any specific product.
Not all product versions are identified in this article.
Symptoms
Avtar logs report the backup failing due to an invalid token:
Review of /usr/local/avamar/var/ddrmaintlogs/ddrmaint.log shows an error message that there appears to be many IPs associated with the single token request.
avtar Info <41236>: - Connecting to Data Domain Server name "testdd.dell.com" with token:5ba93c9db0cff93f52b521d7420e43f6edxxxxxx
avtar Error <41439>: Using invalid token:5ba93c9db0cff93f52b521d7420e43f6edxxxxxx
avtar Error <41439>: Using invalid token:5ba93c9db0cff93f52b521d7420e43f6edxxxxxx
Review of /usr/local/avamar/var/ddrmaintlogs/ddrmaint.log shows an error message that there appears to be many IPs associated with the single token request.
Warning: Calling DDR_GET_AUTH_TOKEN returned result code:(4904) Invalid API argument. message:Maximum number of client hostnames reached. 52 > 16
Cause
Due to a limitation within the DDboost API, the maximum number of IP addresses and hostnames possible for a single token request is set at 16.
Resolution
For Avamar version 19.1 or later, we have a new feature that allows netbinding of one single client IP to request Data Domain token authentication.
Here is how to accomplish this:
- Log in to the client machine, and go to Avamar var folder. Create a file named avagent.cmd. If it exists, edit the file, and add the following flags:
--enable-bind-token=true
--netbind=<valid IP>
--netbind=<valid IP>
- Save the avagent.cmd file, and then restart Backup agent service. In avagent log, you should see similar log "bind IP ddtoken request procedure, bindHostname = xx.xx.xx.xx".
- Run a backup again. It should work without having to disable token authentication.
For Avamar versions earlier than 19.1, the only workaround is to completely disable token-based authentication at Avamar server side, if you are unable to reduce the total number of IPs and hostnames to below 16 from client side.
Note: Since disabling token authentication affects all clients, it is possible to implement a workaround to ONLY disable token authentication for a specified plug-in. See the KB for more details.
Affected Products
AvamarArticle Properties
Article Number: 000056252
Article Type: Solution
Last Modified: 24 Feb 2025
Version: 4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.