...
BugZero found this defect 2099 days ago.
Interactions with either SharePoint Online or OneDrive for Business within Veeam Backup for Microsoft 365 fail with either of the following errors:
To communicate with SharePoint online Veeam Backup for Microsoft 365 uses Microsoft CSOM library. When the CSOM library receives an authorization request, it attempts to reach msoid.onmicrosoft.com and msoid.<your-organization-domain>.onmicrosoft.com. Most internet service providers cannot resolve those names, and the CSOM library will quietly ignore those sites being unreachable. However, this only works if the library receives an HTTP error code (e.g., 404, 500, 503, etc.). The error message occurs when an ISP redirects unresolved DNS calls to their DNS helper page, returning a status code 200 OK. When that happens, the library attempts to authenticate through this “helper” page, which fails with the error “For security reasons DTD is prohibited in this XML document.” or “Identity Client Runtime Library (IDCRL) could not look up the realm information for federated sign-in.”
While the issue is out of Veeam’s support scope, what follows is a list of solutions customers have reported resolved their issue: Option 1: Contact the ISP Some customers have reported that they were able to contact their ISP and request that the DNS relay or DNS helper feature be disabled. Option 2: Edit the hosts file Create entries within the hosts fileC:\Windows\System32\drivers\etc\hosts of the Veeam Backup for Microsoft 365 server to force the msoid domains to resolve to the loopback IP of 127.0.0.1.