Data Protection Advisor (DPA): Unable to discover TLS 1.2 enabled Windows SQL 2012

           

   Article Number:     536123                                   Article Version: 2     Article Type:    Break Fix 
   

 


Product:

 

Data Protection Advisor,Data Protection Advisor 18.1,Data Protection Advisor 18.2,Data Protection Advisor 19.1,Data Protection Advisor 6.5

 

Issue:

 

 

When attempting to discovering a Windows SQL server which has TLS 1.2 enabled the following errors are seen in the dpaagent.log:   
   
    ERROR: cannot connect to MSSQL database   
    ERROR: sodbcOpen:SQLDriverConnect() returned info:   
                                  Record 1, Status: 17 , State: 08001, Description: [Microsoft] [ODBC SQL Server Driver] [DBNETL1B]SQL Server does not exist or access denied   
                                  Record 2, Status: 53 , State: 01000, Description: [Microsoft] [ODBC SQL Server Driver] [DBNETL1B]ConnectionOpen (Connect()).   
    ERROR: SQLDriverConnect() failed : connect string was DRIVER=SQL Server;SERVER="server name";TRUSTED_CONNECTION=yes;DATABASE=msdb;   
    ERROR: Failed to connect to database server. server="server name", dbname=msdb, user=, port=1433, flags=1. Error was: Record 1, Status: 17 , State: 08001, Description: [Microsoft] [ODBC SQL Server Driver] [DBNETL1B]SQL Server does not exist or access denied   
                                   Record 2, Status: 53 , State: 01000, Description: [Microsoft] [ODBC SQL Server Driver] [DBNETL1B]ConnectionOpen (Connect()).   
   
     
                                                           

 

 

Cause:

 

 

The default ODBC SQL Server Driver does not support TLS 1.2.                                                           

 

 

Resolution:

 

 

For the DPA agent to successfully connect to the TLS 1.2 enabled Windows SQL server, the agent must use an ODBC SQL driver which supports TLS 1.2 connections such as SQL Server Native Client 11.0.  To force the agent to use a new ODBC SQL driver the following steps need to be taken:   
   
    1. Use regedit to create the following Key:   
   
    HKEY_LOCAL_MACHINE\SOFTWARE\EMC\DPA\AGENT    
   
    2. Create the following String Value in the AGENT key   
   
    MSSQLSERVER_DRIVER   
   
    3. Enter an ODBC SQL driver name which supports TLS1.2 such as "SQL Server Native Client 11.0" in the Value data for the String Value MSSQLSERVER_DRIVER.     
    4. Restart the DPA Agent services   
    5. Attempt to re-discover the Windows SQL server   
   
    Note further information on this topic can be found in the Data Protection Advisor Installation and Administration Guide.