Chatta subito con l'assistenza
Chat con il supporto

NetVault Plug-in for Microsoft 365 13.2 - User Guide

Using the Microsoft 365 admin portal to obtain configuration details

Alternatively, you can obtain configuration information from your Microsoft 365 admin portal, and enter the information in the configuration section for the plug-in.

To use the Microsoft 365 admin portal obtain configuration details
1
Go to admin.microsoft.com.
2
In the navigation pane on the left, click Show All and then select Azure Active Directory from the list.
3
In the Azure Active Directory admin center, under All services, click Azure Active Directory.
4
In the MANAGE section, click App registrations, and then click New registration.
5
Complete the following fields:
Name: Enter a name for the NetVault plug-in, such as PluginMicrosoft365.
Supported account types: To specify who can use this application or access this API, select Account in any organizational directory (Any Azure AD directory - Multitenant).
Redirect URI: Enter the URI that you use for interacting with NetVault, such as https://<machineName>:8443.
6
Click Register, and note the Application ID listed on the page that appears.
Quest strongly recommends that you record this information, for example by copying it to a text file and saving that file.
7
On the Overview page, under Manage, click Authentication.
8
In the Advanced settings section, next to Allow public client flows, select Yes.
9
In the Manage section, click API permissions.
10
In API permissions, click Add a permission.
11
Choose one of the following options:
Select an API: To use this method, select Microsoft Graph or SharePoint, and then click Select.
Select permissions: To use this option, complete the following steps:
a
Select Application Permissions, and then select the following items:
Calendars.Read
Calendars.ReadWrite
ChannelMessage.Read.All
Directory.ReadWrite.All
Files.Read.All
Files.ReadWrite.All
Group.Read.All
Group.ReadWrite.All
Mail.Read
Mail.ReadWrite
MailboxSettings.Read
MailboxSettings.ReadWrite
Reports.Read.All
Sites.FullControl.All
Sites.Manage.All
Sites.Read.All
Sites.ReadWrite.All
User.Read.All
User.ReadWrite.All
b
Expand SharePoint, and then select the following item:
Sites.FullControl.All
c
Select Delegated Permissions, and then select the following items:
ChannelMessage.Read.All
Group.ReadWrite.All
User.Read (this permission is added by default for the registered App)
d
Click Add permissions.
e
To assign permissions to the Plug‑in for Microsoft 365 after the plug-in is configured, click Grant permissions on the Required permissions tab, and click Yes when the confirmation message appears.
 
* 
NOTE: To back up and restore Azure AD service principals, the registered application used for the configuration of the plug-in must be the Global Administrator and the Application Administrator.
12
On the Manage tab, in the Certificates & secrets section, click New client secret to create passwords for the plug-in to use.
13
Enter a description and select a time period option.
Optionally, you can determine a specific time for when the password is active by selecting a start date and an end date.
14
Click Add and note the information in the VALUE box.
Quest strongly recommends that you record this information, for example by copying it to the same text file that you created and saved earlier.
 
* 
IMPORTANT: You cannot retrieve this key at a later time. If you do not record it for reference when you configure the plug-in, you have to generate a new key.
15
To identify the domain name used for Microsoft 365, click Azure Active Directory again in the navigation pane on the left.
16
Click Overview, and note the domain name.
 
* 
NOTE: Quest recommends that you record this information, for example by copying it to a text file and saving that file.

Preparing SharePoint Online for backup and restore

Preparing SharePoint Online for backup and restore

Before you can protect your SharePoint Online data with Plug‑in for Microsoft 365, you must assign permission for the SharePoint Online CSOM API.

To prepare SharePoint Online for backup and restore
1
Open the SharePoint Online Tenant site with the Tenant Administrator account. For example: https://<tenant>-admin.sharepoint.com/_layouts/15/appinv.aspx.
2
In the App Id text box, enter the Client ID generated from Azure Active Directory.
3
Click Lookup.
4
Under App Domain, enter www.localhost.com.
5
Under Redirect URL, enter https://www.locahost.com.
6
Under Permission Request XML, enter the following XML script:
<AppPermissionRequests AllowAppOnlyPolicy="true"> <AppPermissionRequest Scope="http://sharepoint/content/tenant" Right="FullControl" /> </AppPermissionRequests>
7
Click Create.
8
In the dialog, click Trust It.

Entering the configuration details in the plug-in

After you have identified application ID, password, and domain name, you must enter the information in the configuration section for the plug-in.

 
* 
NOTE: Plug‑in for Microsoft 365 requires Global administrator access for the following sites:
Team Site with Group (Primary)
Business Intelligence Center (Classic)
Visio Process Repository (Classic)
Product Catalog (Classic)
 
* 
NOTE: The user configured for the plug-in must be a member of the Teams platform to generate backup and restore jobs for Teams.
To enter the configuration details in the plug-in
1
In the Navigation Pane, click Create Backup Job, and click next to the Selections list.
2
In the selection tree, open the applicable client node.
3
Click Plug‑in for Microsoft 365, and select Configure from the context menu.
4
On the Add Tenant page, select one of the following options as the tenant authentication method, and then enter the details for your selection:
 
* 
NOTE: Use the information that you recorded during the process, Using the Microsoft 365 admin portal to obtain configuration details.
Tenant Credentials
Application Domain
Application ID
Application Password
Certificate
Application Domain
Application ID
Cert Thumbprint
 
* 
NOTE: NetVault uses certificate thumbprint to fetch the private key from the Windows Certificate Manager.
 
* 
CAUTION: Do not use the Change Settings option in the WebUI to enter or update these settings.
5
If you are protecting Teams, select the Enter Global Administrator Credentials check box, and enter the user name and password for the administrator.
Verify that the administrator has the Global admin role assigned and is an owner or member of the Teams that you want to protect. Complete the Administrator Username field using the User Principal Name (UPN) format — for example,user1@testdomain.onmicrosoft.com.
6
To save the settings, click OK.
With the account properly configured, you can click the Plug‑in for Microsoft 365 node to display the available mailboxes and the OneDrive users and groups.

Multi-tenant support

Plug‑in for Microsoft 365 features multi-tenant support, which lets you backup and restore data for multiple tenants. Multi-tenant support also provides the following advantages:
Cost savings for managed service providers (MSPs) due to a single plug-in deployment for managing multiple tenants.
Instant recovery with a new domain in the case of a ransomware attack on your existing domain.
Cross-tenant restores, which you can use in cases of mergers and acquisitions. For more information about cross-tenant relocation, see The mailbox is restored with its new name to the original location as a subset of the original mailbox..

To view all tenants, use the Open action in the click menu of the plug-in under NetVault Selections.

This section includes the following processes:
Adding a tenant
Editing a tenant
Removing a tenant
Adding a tenant
To add a tenant
1
Under NetVault Selections, click Plug‑in for Microsoft 365.
2
In the menu, click Add Tenant.
3
On the Add Tenant page, select one of the following options as the tenant authentication method, and then enter the details for your selection:
 
* 
NOTE: Use the information that you recorded during the process, Using the Microsoft 365 admin portal to obtain configuration details.
Tenant Credentials
Application Domain
Application ID
Application Password
Certificate
Application Domain
Application ID
Cert Thumbprint
 
* 
NOTE: NetVault uses certificate thumbprint to fetch the private key from the Windows Certificate Manager.
4
Optionally, under Global Administrator Details, select Enter Global Administrator Credentials, and then enter the administrator user name and password.
5
Click OK.
Editing a tenant
To edit a tenant
1
Under NetVault Selections, expand Plug‑in for Microsoft 365, and then click the domain.
2
In the menu, click Edit.
3
On the Add Tenant page, select one of the following options as the tenant authentication method, and then enter the details for your selection:
 
* 
NOTE: Use the information that you recorded during the process, Using the Microsoft 365 admin portal to obtain configuration details.
Tenant Credentials
Application Domain
Application ID
Application Password
Certificate
Application Domain
Application ID
Cert Thumbprint
* 
NOTE: NetVault uses certificate thumbprint to fetch the private key from the Windows Certificate Manager.
4
Optionally, under Global Administrator Details, select Enter Global Administrator Credentials, and then enter the administrator user name and password.
5
Click OK.
Removing a tenant
To remove a tenant
1
Under NetVault Selections, expand Plug‑in for Microsoft 365, and then click the domain.
2
In the menu, click Remove.
3
To confirm your selection, click OK.
Related Documents

The document was helpful.

Seleziona valutazione

I easily found the information I needed.

Seleziona valutazione