Backup and Recovery
Backup and Recovery 7.1
Backup and Recovery 7.1
  • Storware Backup & Recovery documentation
    • Table of Contents
  • Changelog
  • Overview
    • Main Features
    • Storware Backup and Recovery concepts
      • Support Matrix
      • Architecture
      • Components
      • Backup types
      • Typical Scenarios
    • Licensing
    • Product Life Cycle
  • Deployment
    • Component requirements
    • Supported platforms requirements
    • Sizing Guide
      • Small
      • Medium
      • Large
    • Installation
      • ISO-based installation
      • Quick Installation using all-in-one script
      • Installation using Ansible playbook
      • Installation with RPMs
      • Deployment in Microsoft Azure
      • Virtual Appliance
        • RHV/oVirt/OLVM Virtual Appliance
        • Citrix Hypervisor | XCP-ng Virtual Appliance
        • VMware Virtual Appliance
        • Nutanix Acropolis Hypervisor (AHV)
    • Initial Configuration
    • Backup Destinations
      • File System
        • Synthetic File System
          • XFS
          • DD Boost
        • isoLayer (Synthetic)
        • File system
          • Virtual Data Optimizer (VDO)
        • Catalogic Software vStor
      • Deduplication Appliances
        • Dell EMC Data Domain
        • Huawei OceanProtect
        • HPE StoreOnce
        • Exagrid
        • Neverfail HybriStor
      • Object Storage
        • Alibaba Cloud OSS
        • AWS S3 or S3-compatible
        • Ceph Rados Gateway
        • Cloudian S3
        • Wasabi
        • Google Cloud Storage
        • IBM Cloud Object Storage
        • Microsoft Azure Blob Storage
        • Nutanix Objects
        • OpenStack SWIFT
        • Oracle Cloud Infrastructure Object Storage
        • Scality RING
      • Enterprise Backup Providers
        • Dell EMC Avamar
        • Dell EMC Networker
        • IBM Spectrum Protect
        • Micro Focus Data Protector
        • Veritas NetBackup
        • Rubrik Managed Volumes
      • Tape Pools
    • High Availability
      • 2 Node Cluster
      • 3 Node Cluster
    • Common tasks
      • Staging space configuration
      • Enabling HTTPS connectivity for nodes
      • LVM setup on Storware Backup & Recovery Node for disk attachment backup mode
      • Full versions of libvirt/qemu packages installation
      • SSH public key authentication
      • Enabling HTTP(S) Proxy for Storware Backup & Recovery
  • Protecting Virtual Environments
    • Virtual Machines
      • VMware vSphere/ESXi
      • Microsoft Hyper-V
      • Azure Stack HCI
      • Nutanix Acropolis Hypervisor (AHV)
      • Red Hat Openshift Virtualization
      • Red Hat Virtualization
      • oVirt
      • Oracle Linux Virtualization Manager
      • Oracle VM
      • Proxmox VE
      • KVM/Xen
      • OpenStack
      • OpenNebula
      • Virtuozzo
      • Verge
      • Citrix Hypervisor (XenServer)
      • XCP-ng
      • Huawei FusionCompute
      • HPE SimpliVity
      • SC//Platform
    • Cloud
      • Amazon EC2
      • GCP GCE
      • Azure Cloud
    • Containers
      • Kubernetes
      • Red Hat OpenShift
      • Proxmox VE
    • Backup & Restore
    • v2v migration
  • Protecting Microsoft 365
    • Microsoft 365 organization management
      • Configure Microsoft 365 access
      • Add Microsoft 365 organization manually
      • Add Microsoft 365 organization using the Setup Assistant
      • Account auto-synchronization
    • Backup & Restore
    • Suppoted Sharepoint templates, and limitations
  • File Level Backup and Restore - OS Agent
  • Protecting Applications
    • Applications
      • MSSQL
      • MySQL/MariaDB
      • PostgreSQL
      • DB2
      • Oracle
      • Relax and Recover - ReaR
      • Git
      • oVirt/RHV/OLVM
      • Kubernetes/OpenShift etcd
    • Backup & Restore
  • Protecting Storage Providers
    • Storage Providers
      • Ceph RBD
      • Nutanix Files
      • Nutanix Volume Groups
    • Backup & Restore
  • Administration
    • Dashboard
    • Virtual Environments
      • Instances
        • Backup on-demand
        • Restore on-demand
        • Snapshot Management
      • Virtualization Providers
      • Backup SLAs
        • Policies
        • Schedules
      • Snapshot SLAs
        • Policies
        • Schedules
      • Recovery Plans
        • Policies
        • Schedules
      • Mounted Backups (File-level Restore)
    • Storage
      • Instances
        • Backup on-demand
        • Restore on-demand
      • Infrastructure
      • Backup SLAs
        • Policies
        • Schedules
      • Snapshot SLAs
        • Policies
        • Schedules
      • Mounted Backups (File-level Restore)
    • Cloud
      • Instances
      • Service Providers
      • Backup SLAs
        • Policies
        • Schedules
      • Download
    • Applications
      • Instances
      • Execution Configurations
      • Backup SLAs
    • Endpoints
      • Environment
      • Administrators
      • Endpoints Server Management
        • Dashboard
        • Packages
        • Organizations
      • Endpoints Administrator
        • Dashboard
        • Users
          • Local users
          • LDAP users
        • Devices
          • Devices list view
          • Device status
        • Backup SLA
          • Create a Backup SLA
            • GENERAL
            • WINDOWS
            • MAC OS (technical preview)
            • EMAIL CLIENTS
          • Backup SLA management
          • Backup SLA removal
        • Restore Jobs
        • Client Deployments
    • Reporting
      • Virtual Environments
      • Storage
      • Microsoft 365
      • Applications
      • Notifications
      • Audit Log
    • Nodes
      • Instances
      • Node Configurations
    • Access Management
      • Users
      • Groups
      • Roles
      • OS Credentials
    • Settings
      • Global Settings
      • Internal DB Backup
      • Notification Rules
      • Mailing Lists
      • Endpoints Global Settings
    • Upgrade
    • CLI Reference
    • CLI v2 Reference
  • Integration
  • Integration Plugins
    • Red Hat Virtualization UI Plugin
    • oVirt UI Plugin
    • Oracle Linux Virtualization Manager UI Plugin
    • OpenStack UI Plugin
  • Troubleshooting
    • Enable DEBUG mode in Storware Backup and Recovery
    • Collecting logs
    • External log targets
    • Disaster Recovery
  • Known software issues and limitations
  • Glossary
Powered by GitBook
On this page
  1. Protecting Microsoft 365
  2. Microsoft 365 organization management

Configure Microsoft 365 access

PreviousMicrosoft 365 organization managementNextAdd Microsoft 365 organization manually

Before you start to configure Backup SLAs, Storware Backup & Recovery server has to get access to your Microsoft 365 organization configuration first.

Access to data is performed via an application configured in your Microsoft 365 organization.

Note: You can skip this step if you want to add your Microsoft 365 organization to Storware Backup & Recovery server using the . If not, please proceed with the next steps.

Note: Storware Backup & Recovery does not store your Microsoft 365 administrative id and password.

Manually registering an application with Azure Active Directory

A new Microsoft 365 application has to be registered and configured in Azure Active Directory. When it's done, in the next step you can add the application (organization) to Storware Backup & Recovery server.

The instruction is as follow:

  1. Go to the Azure portal () page and sign in to your Microsoft account by using your Microsoft 365 administrative user ID and password.

  2. In the home view, go to Manage Azure Active Directory (click the View button).

  3. To open the Azure Active Directory admin center, in the left pane, click the ellipsis to expand the Show all menu, and then click Admin centers > Azure Active Directory.

  4. In the tenant dashboard menu, click App registrations and then click New registration.

  5. Specify a user-facing name for the Microsoft 365 application, on the Register an application page by entering a name in the Name field.

  6. Use the default options for the remaining fields, and click Register. The app registration is set up with the user-facing name that you entered.

  7. To obtain the application (client) ID, and directory (tenant) ID string, go to Azure Active Directory > tenant - App registrations > Owned applications. Click the application name, copy the application ID string and directory ID. These strings will be required later when you register the Microsoft 365 service on Storware Backup & Recovery server.

  8. To create a client secret for this application ID, click Certificates & secrets > New client secret.

  9. On the "Add a client secret" pane, enter any user name in the Description field, and click Add. A client secret is generated, and the value is then displayed in the Client secrets pane.

  10. Copy the client secret to the clipboard by using the copy icon next to the Client secret value field. This character string is also used for registration with Storware Backup & Recovery server.

  11. To add permissions for this application ID, click API permissions > Add permission.

  12. Specify permissions for each API in the following table by taking the following actions. Select the API name, for example, Azure Active Directory Graph.

    API
    Permission name
    Permission type

    Azure Active Directory Graph

    Calendars.ReadWrite

    Application

    Microsoft Graph

    Channel.Create

    Application

    Microsoft Graph

    Channel.ReadBasic.All

    Application

    Microsoft Graph

    ChannelMember.Read.All

    Application

    Microsoft Graph

    ChannelMember.ReadWrite.All

    Application

    Microsoft Graph

    ChannelMessage.Read.All

    Application

    Microsoft Graph

    Chat.Create

    Application

    Microsoft Graph

    Chat.Read.All

    Application

    Microsoft Graph

    Chat.ReadBasic.All

    Application

    Microsoft Graph

    Chat.ReadWrite.All

    Application

    Microsoft Graph

    ChatMember.Read.All

    Application

    Microsoft Graph

    ChatMember.ReadWrite.All

    Application

    Microsoft Graph

    Contacts.ReadWrite

    Application

    Microsoft Graph

    Directory.ReadWrite.All

    Application

    Microsoft Graph

    Files.ReadWrite.All

    Application

    Microsoft Graph

    Group.Create

    Application

    Microsoft Graph

    Group.ReadWrite.All

    Application

    Microsoft Graph

    GroupMember.Read.All

    Application

    Microsoft Graph

    GroupMember.ReadWrite.All

    Application

    Microsoft Graph

    Mail.ReadWrite

    Application

    Microsoft Graph

    MailboxSettings.Read

    Application

    Microsoft Graph

    MailboxSettings.ReadWrite

    Application

    Microsoft Graph

    Member.Read.Hidden

    Application

    Microsoft Graph

    Sites.FullControl.All

    Application

    Microsoft Graph

    Sites.Manage.All

    Application

    Microsoft Graph

    Sites.Read.All

    Application

    Microsoft Graph

    Sites.ReadWrite.All

    Application

    Microsoft Graph

    Team.Create

    Application

    Microsoft Graph

    Team.ReadBasic.All

    Application

    Microsoft Graph

    TeamMember.Read.All

    Application

    Microsoft Graph

    TeamMember.ReadWrite.All

    Application

    Microsoft Graph

    TeamMember.ReadWriteNonOwnerRole.All

    Application

    Microsoft Graph

    TeamSettings.ReadWrite.All

    Application

    Microsoft Graph

    TeamsTab.Create

    Application

    Microsoft Graph

    TeamsTab.ReadWrite.All

    Application

    Microsoft Graph

    TeamsTab.ReadWriteForChat.All

    Application

    Microsoft Graph

    TeamsTab.ReadWriteForTeam.All

    Application

    Microsoft Graph

    TeamsTab.ReadWriteForUser.All

    Application

    Microsoft Graph

    User.Read.All

    Application

    Microsoft Graph

    User.ReadWrite.All

    Application

    Office 365 Exchange Online

    full_access_as_app

    Application

    SharePoint

    Sites.FullControl.All

    Application

    SharePoint

    Sites.Manage.All

    Application

    SharePoint

    Sites.Read.All

    Application

    SharePoint

    Sites.ReadWrite.All

    Application

    SharePoint

    User.ReadWrite.All

    Application

  13. To set the permission "full_access_as_app" in the Office 365 Exchange Online API, click "Add a permission" option and in the "Request API permissions" window go to "APIs my organization uses" and search for "Office 365 Exchange Online", then select "Application permissions" and check "full_access_as_app" from "Other permissions".

  14. To save the selected permissions, click Grant admin consent for <your organization name>.

  15. Since you're granting tenant scoped permissions this granting can only be done via the appinv.aspx page on the tenant administration site. You can reach this site by typing the address: https://tenantName-admin.sharepoint.com/_layouts/15/appinv.aspx. (replace the tenantName with your tenant name). Once the page is loaded, do as follow:

    1. Enter your App Id (client ID) and click the Lookup button.

    2. Enter the App Domain name.

    3. In the "App's Permission Request XML" window enter the following lines:

<AppPermissionRequests AllowAppOnlyPolicy="true">
    <AppPermissionRequest Scope="http://sharepoint/content/tenant" 
     Right="FullControl" />
 </AppPermissionRequests>

16. When you click on the Create button you'll be presented with a permission consent dialog. Press the Trust It button to grant the permissions.

17. Open Powershell command prompt and execute the command:

Install-Module -Name Microsoft.Online.SharePoint.Powershell

then

Connect-SPOService https://tenantName-admin.sharepoint.com
Set-SPOTenant -LegacyAuthProtocolsEnabled $True
Set-SPOTenant -DisableCustomAppAuthentication $false

It enables the LegacyAuthProtocolsEnabled setting.

or download and install the module directly from this

Setup Assistant
https://portal.azure.com/
site