Add Microsoft 365 Organization
To add the Microsoft 365 domain, you can follow the steps below if you have already registered the BDRSuite Microsoft Application in the Microsoft Azure Portal else click here to register.
Log in to your BDRSuite Backup Server web console and navigate to Data Sources-> Add Microsoft 365 organization
Click on the Microsoft 365 Organization tab and you can choose from 3 different ways the Microsoft 365 organization can be added to the BDRSuite Backup Server.
- Authorize BDRSuite for Access using Automatic Process
- Authorize BDRSuite for Access using Manual Process
- Authorize BDRSuite for Access using PowerShell Scripts
1. Add Microsoft 365 Organization Account as a Data Source and Authorize using Automatic Process
Add Method Selection
Azure Cloud Environment Selection
You can select the Azure Cloud environment that your Microsoft 365 account is located in. BDRSuite Backup Server needs to access the Microsoft 365 APIs for backup and recovery from within the same cloud environment as your Microsoft 365 account. If your account was created in the global Azure environment, then the BDRSuite Backup Server will automatically use this environment by default. However, if your organization is using Azure Government or Azure China , then you can choose the specific government cloud you are using.
Select a method to add M365 organization
- This option lets you choose the method using which you want to add the Microsoft 365 organization. If your Microsoft 365 organization is using the global Azure environment in the above step then you can add the organization in all the three different methods listed on the UI. (Mentioned above)
- If your Microsoft 365 organization is using Azure government or Azure China then you can only add it using the manual process.
BDRSuite Authorization (Only for automatic process if selected for adding Microsoft 365 organization)
- A one-time authorization code is generated for Microsoft to validate BDRSuite and thereby allowing access to the Microsoft 365 organization account.
- Copy the One-Time Authorization Code for BDRSuite and click on the provided link and it will take you to your Microsoft 365 accounts page.
Enter the copied One-Time Authorization Code for BDRSuite in the given space and click next, on the page which looks as the below image.
You will be taken to the sign in page where you need to provide your Microsoft Admin Account credentials.
Note: This is mandatory to complete the authorization process.
Enter the Email or Phone and click Next.
Enter the password and click on Sign in.
Click on Continue.
You will be notified with the following message – “You have signed in to the BDRSuite-M365App application on your device. You may now close this window.”
Come back to the BDRSuite Backup Server’s BDRSuite Authorization page, check the box and confirm the following statement – I have completed the authorization process using the one-time authorization code.
The process to automatically add the Microsoft 365 organization to the BDRSuite Backup Server will be initiated.
Completion Steps
1. Organization Name
Enter a name using which you can identify the same.
2. Tenant ID
3. Application ID
4. Application Password
Tenant ID, Application ID, and Application Password will be fetched automatically.
5. Create multiple Applications for BDRSuite in Microsoft 365 Organization (Enabled by Default)
The Application ID that is created in the Azure portal and entered in the above steps will actually manage the write and read request permissions to and from the BDRSuite and the Microsoft 365 Organization. In simpler words, it is the authentication process done using the Application ID.
When a Microsoft 365 Organization is added the BDRSuite will only create one application by default in the Microsoft 365 which will be used for the previously mentioned Authentication process and the same application is used for the backup process as well creating throttle in the following scenario;
- A large number of requests across multiple third party applications being generated.
- A large number of requests from one particular application, BDRSuite in this case being generated.
Now, this option when enabled will let you create additional Applications(Currently 6).So, totally 7 Applications can be used to fetch the Microsoft Organization details and backup job user’s requests will be split among the 7 Applications, thus improving the overall backup performance.
Apart from the default application, there will 2 parent applications created. One parent application will be used for User mailbox and group mailbox Backup & Recovery process. The other parent application will be used for SharePoint and Teams Backup & Recovery process. Parent application further has 2 Child Application each which will be used for Backup processing. Thus, a total of 6 Applications apart from the default application will be created using this feature.
If you want to enable this feature in an already configured Microsoft 365 Backup Job then you can click on the edit icon of the respective backup job in the List Jobs page. You can also disable it by navigating to the same edit icon and unchecking the box.
Note: In a scenario where this feature was enabled and then disabled for some reason and if the user wants to again enable this features then two options will be provided for doing the same.
- Use Existing Application.
- Recreate Multiple Applications.
Depending on the user requirement, any of the above option can be chosen.
6. Enable Microsoft 365 users to initiate self service recovery directly from their outlook console and from the BDRSuite web console.
Enabling this option will create an application for BDRSuite in Microsoft 365 organization which will be used for the following:
- Support to deploy BDRSuite Add-in for Outlook which allows users to easily restore the backed-up mails directly from their Outlook interface.
- Allow Microsoft 365 Organization Users to log into the BDRSuite web console with their Microsoft 365 Account credentials .
Add Microsoft 365 Organization as a Data Source and Authorize BDRSuite for Access Using Manual Process
Add Method Selection
Azure Cloud Environment Selection
You can select the Azure Cloud environment that your Microsoft 365 account is located in. BDRSuite Backup Server needs to access the Microsoft 365 APIs for backup and recovery from within the same cloud environment as your Microsoft 365 account. If your account was created in the global Azure environment, then the BDRSuite Backup Server will automatically use this environment by default. However, if your organization is using Azure Government or Azure China , then you can choose the specific government cloud you are using.
Select a method to add M365 organization
- This option lets you choose the method using which you want to add the Microsoft 365 organization. If your Microsoft 365 organization is using the global Azure environment in the above step then you can add the organization in all the three different methods listed on the UI. (Mentioned above).
- If your Microsoft 365 organization is using Azure government or Azure China then you can only add it using the manual process.
After selecting the method click on, Next.
Completion steps
1. Organization Name
Enter a name using which you can identify the same.
2. Tenant ID
The Tenant ID that was created has to be entered here.
3. Application ID
The generated Application ID has to be entered here.
4. Application Password or SSL Certificate
Application Password : You can choose this option to authenticate using the client secret password for the application. Enter the Application Password which is a Value, that you copied from your Azure portal.
SSL Certificate : In a scenario you do not want to share your application password then you can choose this option to authenticate using the client SSL Certificate for the application.
Choose the Application Certificate (SSL Certificate) option, then browse the corresponding PFX file (certificate) from the file explorer and after providing the certificate password ( enter the password you had provided at the time of certificate download ), you will be able to add the Microsoft 365 organization using the certificate.
Note: Make sure to import the SSL certificate only in the .pfx format.
5. Create multiple Applications for BDRSuite in Microsoft 365 Organization (Enabled by Default)
The Application ID that is created in the Azure portal and entered in the above steps will actually manage the write and read request permissions to and from the BDRSuite and the Microsoft 365 Organization. In simpler words, it is the authentication process done using the Application ID.
When a Microsoft 365 Organization is added the BDRSuite will only create one application by default in the Microsoft 365 which will be used for the previously mentioned Authentication process and the same application is used for the backup process as well creating throttle in the following scenario;
- A large number of requests across multiple third party applications being generated.
- A large number of requests from one particular application, BDRSuite in this case being generated.
Now, this option when enabled will let you create additional Applications(Currently 6).So, totally 7 Applications can be used to fetch the Microsoft Organization details and backup job user’s requests will be split among the 7 Applications, thus improving the overall backup performance.
Apart from the default application, there will 2 parent applications created. One parent application will be used for User mailbox and group mailbox Backup & Recovery process. The other parent application will be used for SharePoint and Teams Backup & Recovery process. Parent application further has 2 Child Application each which will be used for Backup processing. Thus, a total of 6 Applications apart from the default application will be created using this feature.
If you want to enable this feature in an already configured Microsoft 365 Backup Job then you can click on the edit icon of the respective backup job in the List Jobs page. You can also disable it by navigating to the same edit icon and unchecking the box.
Note: In a scenario where this feature was enabled and then disabled for some reason and if the user wants to again enable this features then two options will be provided for doing the same.
- Use Existing Application.
- Recreate Multiple Applications.
Depending on the user requirement, any of the above option can be chosen.
6. Create an Application for Microsoft 365 User Login into BDRSuite and to support BDRSuite add-in for Outlook
Enabling this option will create an application for BDRSuite in Microsoft 365 organization which will be used for the following:
- Support to deploy BDRSuite Add-in for Outlook which allows users to easily restore the backed-up mails directly from their Outlook interface.
- Allow Microsoft 365 Organization Users to log into the BDRSuite console with their Microsoft 365 Account credentials.
Add Microsoft 365 Organization Account as a Data Source and Authorize BDRSuite for Access Using PowerShell Scripts
Add Method Selection
Azure Cloud Environment Selection
You can select the Azure Cloud environment that your Microsoft 365 account is located in. BDRSuite Backup Server needs to access the Microsoft 365 APIs for backup and recovery from within the same cloud environment as your Microsoft 365 account. If your account was created in the global Azure environment, then the BDRSuite Backup Server will automatically use this environment by default. However, if your organization is using Azure Government or Azure China , then you can choose the specific government cloud you are using.
Select a method to add M365 organization
- This option lets you choose the method using which you want to add the Microsoft 365 organization. If your Microsoft 365 organization is using the global Azure environment in the above step then you can add the organization in all the three different methods listed on the UI. (Mentioned above)
- If your Microsoft 365 organization is using Azure government or Azure China then you can only add it using the manual process.
Check the perquisites and you can add the Microsoft 365 organization to the BDRSuite Backup Server through PowerShell Script by following the steps mentioned in the BDRSuite Backup Server UI and also enable permission for SharePoint REST API, the steps for which are available in the BDRSuite Backup Server UI.
Note:
1. If you have added the organization through PowerShell Scripts process and wants to change authorization from Application Password to SSL Certificate then you can achieve the same by editing the organization. In the Add & Manage Microsoft 365 organizations page, all the added organizations will be listed and you can click on the edit organization icon under the actions tab and modify the authorization.
2. ‘Create multiple Applications for BDRSuite in Microsoft 365 Organization’ option will be enabled by default and the same can be viewed and modified (if required) while editing the organization.
Microsoft 365 Organization added through any of the above mentioned methods to configure backup for Microsoft 365 are listed on the following page.