Challenge
After performing Configuration Restore using the Migration mode from a Configuration Backup created by a Veeam Backup & Replication server that had MFA enabled, login attempts using local accounts cause the Veeam Backup & Replication Console to display the error:
Failed to connect to Veeam Backup & Replication server:
Access denied.
Cause
This issue occurs because the local account being used to log in has no Role assigned within the migrated Configuration Database and therefore has no access. The user accounts, their respective roles, and MFA data are stored within the Configuration Database using the use account's SID. While the local account names between the two machines may be the same, the SID is different and is therefore treated as a user that was never assigned a role.
Note: This same issue will impact domain accounts when migrating the configuration to a machine in a different domain that uses the same domain account names as the initial domain to which the original machine was connected.
Solution
Scenario 1: Migrating to a Machine Joined to the Same Domain
If the configuration was migrated to a machine joined to the same domain as the original Veeam Backup Server:
Sign in to the Veeam Backup & Replication Console using a domain account that was assigned a Veeam Backup Administrator role.
Remove the local accounts associated with the old machine from the Users and Roles panel
(Optional) Add local accounts from the new machine as needed.
