How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

      Comments Off on How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

When you add an organization using the modern app-only authentication method, you are required to provide Azure AD application settings. Veeam Backup for Microsoft 365 uses such an application to establish a connection to your Microsoft 365 organizations with enabled security defaults and maintain data transfer during backup and restore sessions.

With modern app-only authentication, you cannot use Veeam Backup account; only communications through Azure AD application is possible.

Required User Account Roles for Azure AD Applications

Azure AD application uses a user account to log in to Microsoft 365. This user account must be assigned the following roles:

  •  Global Administrator — required for adding organizations with modern app-only authentication, creating backup applications, registering Azure AD application for Restore Portal and creating Azure AD application for the Microsoft Azure service account.
  • ApplicationImpersonation and Global Administrator or Exchange Administrator — required for data restore with Veeam Explorer for Microsoft Exchange.
  • Global Administrator or SharePoint Administrator — required for data restore with Veeam Explorer for Microsoft SharePoint and Veeam Explorer for Microsoft OneDrive for Business.
  • Global Administrator or Teams Administrator — required for data restore with Veeam Explorer for Microsoft Teams.
  • Global Administrator — required for establishing a connection to a service provider in the Microsoft 365 Backup as Service scenario.

1.Login to Veeam Backup for Microsoft 365 Manager server.

2.Open Veeam Backup for Microsoft Office 365 console.

3.On the Veeam Backup for Microsoft Office 365 console page, right-click Organizations, select Add organization.

041422 1611 Howtoaddorg1 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

4.On the Organization deployment type, select Microsoft 365 as organization type, select all services as you want to protect, click Next.

041422 1611 Howtoaddorg2 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

5.On the Microsoft 365 connection settings page, select Default as Region, select Modern authentication as authentication method, click Next. Make sure to leave the Allow for using legacy authentication protocols check box cleared. This check box allows you to add an Microsoft 365 organization with disabled security defaults.

041422 1611 Howtoaddorg3 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

6.On the Microsoft 365 connection settings page, select Register a new Azure AD application automically, click Next. Veeam Backup for Microsoft 365 requires to provide an application name and certificate to register a new Azure AD application in Azure Active Directory.

041422 1611 Howtoaddorg4 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

7.On the Azure AD application registration page, enter a name that you want to use to register a new Azure AD application in your Azure Active Directory.

041422 1611 Howtoaddorg5 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

8.Click Install to specify an SSL certificate that you want to use for data exchange between Veeam Backup for Microsoft 365 and an Azure AD application.

041422 1611 Howtoaddorg6 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

9.On the Select certificate type page, select Generate a new self-signed certificate, click Next. When generating a new self-signed certificate, Veeam Backup for Microsoft 365 will register it automatically.

041422 1611 Howtoaddorg7 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

10.On the Generate certificate page, click Finish.

041422 1611 Howtoaddorg8 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

11.Select the Allow this application to enable export mode for SharePoint Web Parts check box to allow Veeam Backup for Microsoft 365 to back up web parts of your Microsoft SharePoint websites, click Next. Veeam Backup for Microsoft 365 automatically alters the allowexport property of each web part and sets this property to true. After the allowexport property is set to true, a web part can be backed up without any limitations

041422 1611 Howtoaddorg9 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

12.On the Log in Microsoft 365 page, click copy code, click the sign in link.

041422 1611 Howtoaddorg10 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

13.Enter code, click Next.

041422 1611 Howtoaddorg11 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

14.Enter your account name, click Next. Make sure to sign in with the user account that has the Global Administrator role.

041422 1611 Howtoaddorg12 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

15.Enter password, click Sign in.

041422 1611 Howtoaddorg13 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

16.On the sign in confirm page, click Continue.

041422 1611 Howtoaddorg14 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

17.Close sign in window after make sure signed in successfully.

041422 1611 Howtoaddorg15 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

18.On the Log in to Microsoft 365 page, make sure your are authenticated to Microsoft 365, click Next.

041422 1611 Howtoaddorg16 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

19.Make sure connection to be established, click Finish.

041422 1611 Howtoaddorg17 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

20.Verify the Office 365 organization add successfully.

041422 1611 Howtoaddorg18 - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

Hope you enjoy this post.

Cary Sun

Twitter: @SifuSun

Web Site: carysun.com

Blog Site: checkyourlogs.net

Blog Site: gooddealmart.com

ca16fbd3199de5f66b829b87082fb970?s=80&d=retro&r=g - How to add organization with Modern app-only authentication and register a new Azure AD application automically for Veeam Backup for Microsoft Office 365

Author: Cary Sun

Cary Sun is an Principal Consultant, He has a strong background specializing in datacenter and deployment solutions, and has spent over 20 years in the planning, design, and implementation of network technologies and Management and system integration.He hold CISCO CERTIFIED INTERNETWORK EXPERT (CCIE No.4531) from 1997.Cary is also a Microsoft Most Valuable Professional (MVP) and Cisco Champion, He is a published author with serveral titles, include blogs on Checkyourlogs.net, author for many books. Specialties: CCIE /CCNA / MCSE / MCITP / MCTS / MCSA / Solution Expert / CCA
Blog:
http://www.carysun.com http://www.checkyourlogs.net
Twitter:@SifuSun

About Cary Sun

Cary Sun is an Principal Consultant, He has a strong background specializing in datacenter and deployment solutions, and has spent over 20 years in the planning, design, and implementation of network technologies and Management and system integration.He hold CISCO CERTIFIED INTERNETWORK EXPERT (CCIE No.4531) from 1997.Cary is also a Microsoft Most Valuable Professional (MVP) and Cisco Champion, He is a published author with serveral titles, include blogs on Checkyourlogs.net, author for many books. Specialties: CCIE /CCNA / MCSE / MCITP / MCTS / MCSA / Solution Expert / CCA Blog: http://www.carysun.com http://www.checkyourlogs.net Twitter:@SifuSun