The specified Azure application or user doesn't have enough permissions to access KeyVault.

Hi @liorkrispin 

There may be a misconfiguration on the Azure side. 

Are you able to share the extracts from the vsbkp.log located on the machine attempting to do the backup?

File can be located within the installation dir (default C:\Program Files\Commvault\ContentStore\Log Files). 

If you re-produce the issue (run a backup), wait until it fails, open that file up and share the failure extracts you see (e.g. AzureResourceManagement.BackupKeyOrSecretRestAPI() - User was not found on any access policy for KeyVault.).
 

Let me know if you have any issues accessing/finding the logs.

Thanks, 
Chris 

hi Chris,

i cannot find on my client the file name vsbkp.log….

where can i find him?

Hi @liorkrispin 

The log will be found on the proxy configured to do the backup.

You can find what this is by viewing the Azure Resource Managers properties:

 

Once you’ve identified the proxy, you can open up the file in the default install directory (C:\Program Files\Commvault\ContentStore\Log Files).

Alternatively, you can right click the job in the GUI > view > logs > if the job is still available / has metadata to retrieve, we can then see the log extracts here (use the ‘select all’ option at the top).

https://documentation.commvault.com/11.24/expert/5573_viewing_log_files_for_active_jobs.html

Let me know how you go.

Chris