December 3, 2024
041422_1611_Howtoaddorg3.png
When you add an organization using the modern app-only authentication method, you are required to provide Azure AD application settings. Veeam Backup for Microsoft 365 uses such an application to establish a connection to your Microsoft 365 organizations with enabled security defaults and maintain data transfer during backup and restore sessions.

When you add an organization using the modern app-only authentication method, you are required to provide Azure AD application settings. Veeam Backup for Microsoft 365 uses such an application to establish a connection to your Microsoft 365 organizations with enabled security defaults and maintain data transfer during backup and restore sessions.

With modern app-only authentication, you cannot use Veeam Backup account; only communications through Azure AD application is possible.

Required User Account Roles for Azure AD Applications

Azure AD application uses a user account to log in to Microsoft 365. This user account must be assigned the following roles:

  •  Global Administrator — required for adding organizations with modern app-only authentication, creating backup applications, registering Azure AD application for Restore Portal and creating Azure AD application for the Microsoft Azure service account.
  • ApplicationImpersonation and Global Administrator or Exchange Administrator — required for data restore with Veeam Explorer for Microsoft Exchange.
  • Global Administrator or SharePoint Administrator — required for data restore with Veeam Explorer for Microsoft SharePoint and Veeam Explorer for Microsoft OneDrive for Business.
  • Global Administrator or Teams Administrator — required for data restore with Veeam Explorer for Microsoft Teams.
  • Global Administrator — required for establishing a connection to a service provider in the Microsoft 365 Backup as Service scenario.

1.Login to Veeam Backup for Microsoft 365 Manager server.

2.Open Veeam Backup for Microsoft Office 365 console.

3.On the Veeam Backup for Microsoft Office 365 console page, right-click Organizations, select Add organization.

041422 1611 Howtoaddorg1 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

4.On the Organization deployment type, select Microsoft 365 as organization type, select all services as you want to protect, click Next.

041422 1611 Howtoaddorg2 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

5.On the Microsoft 365 connection settings page, select Default as Region, select Modern authentication as authentication method, click Next. Make sure to leave the Allow for using legacy authentication protocols check box cleared. This check box allows you to add an Microsoft 365 organization with disabled security defaults.

041422 1611 Howtoaddorg3 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

6.On the Microsoft 365 connection settings page, select Register a new Azure AD application automically, click Next. Veeam Backup for Microsoft 365 requires to provide an application name and certificate to register a new Azure AD application in Azure Active Directory.

041422 1611 Howtoaddorg4 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

7.On the Azure AD application registration page, enter a name that you want to use to register a new Azure AD application in your Azure Active Directory.

041422 1611 Howtoaddorg5 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

8.Click Install to specify an SSL certificate that you want to use for data exchange between Veeam Backup for Microsoft 365 and an Azure AD application.

041422 1611 Howtoaddorg6 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

9.On the Select certificate type page, select Generate a new self-signed certificate, click Next. When generating a new self-signed certificate, Veeam Backup for Microsoft 365 will register it automatically.

041422 1611 Howtoaddorg7 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

10.On the Generate certificate page, click Finish.

041422 1611 Howtoaddorg8 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

11.Select the Allow this application to enable export mode for SharePoint Web Parts check box to allow Veeam Backup for Microsoft 365 to back up web parts of your Microsoft SharePoint websites, click Next. Veeam Backup for Microsoft 365 automatically alters the allowexport property of each web part and sets this property to true. After the allowexport property is set to true, a web part can be backed up without any limitations

041422 1611 Howtoaddorg9 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

12.On the Log in Microsoft 365 page, click copy code, click the sign in link.

041422 1611 Howtoaddorg10 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

13.Enter code, click Next.

041422 1611 Howtoaddorg11 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

14.Enter your account name, click Next. Make sure to sign in with the user account that has the Global Administrator role.

041422 1611 Howtoaddorg12 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

15.Enter password, click Sign in.

041422 1611 Howtoaddorg13 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

16.On the sign in confirm page, click Continue.

041422 1611 Howtoaddorg14 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

17.Close sign in window after make sure signed in successfully.

041422 1611 Howtoaddorg15 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

18.On the Log in to Microsoft 365 page, make sure your are authenticated to Microsoft 365, click Next.

041422 1611 Howtoaddorg16 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

19.Make sure connection to be established, click Finish.

041422 1611 Howtoaddorg17 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

20.Verify the Office 365 organization add successfully.

041422 1611 Howtoaddorg18 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

Hope you enjoy this post.

Cary Sun

Twitter: @SifuSun

Web Site: carysun.com

Blog Site: checkyourlogs.net

Blog Site: gooddealmart.com

ca16fbd3199de5f66b829b87082fb970?s=80&d=retro&r=g - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

Author: Cary Sun

Cary Sun has a wealth of knowledge and expertise in data center and deployment solutions. As a Principal Consultant, he likely works closely with clients to help them design, implement, and manage their data center infrastructure and deployment strategies.
With his background in data center solutions, Cary Sun may have experience in server and storage virtualization, network design and optimization, backup and disaster recovery planning, and security and compliance management. He holds CISCO CERTIFIED INTERNETWORK EXPERT (CCIE No.4531) from 1999. Cary is also a Microsoft Most Valuable Professional (MVP), Microsoft Azure MVP, Veeam Vanguard and Cisco Champion. He is a published author with several titles, including blogs on Checkyourlogs.net, and the author of many books.
Cary is a very active blogger at checkyourlogs.net and is permanently available online for questions from the community. His passion for technology is contagious, improving everyone around him at what they do.

Blog site: https://www.checkyourlogs.net
Web site: https://carysun.com
Blog site: https://gooddealmart.com
Twitter: @SifuSun
in: https://www.linkedin.com/in/sifusun/
Amazon Author: https://Amazon.com/author/carysun