Modern Authentification on VBO 3.0
Veeam for Office 365 3.0
As we saw in a previous post, Veeam for Office 365 allows the backup and restoration of an Office 365 tenant.
Office 365 2.0
what’s new on VBO 3.0
Veeam has released version 3.0 of Veeam for Office 365. This version offers the following new features:
- Faster backup for OneDrive for Business and Sharepoint Online.
- Possibility to include or exclude personal company sites from the backup (Sharepoint online).
- Multifactor authentication support to improve the security of Office 365 backup.Modern Authentification is now supported on VBO 3.0
- Proxy server support
- Office 365 Data Protection Report
- Possibility to have advanced criteria for searches (object name, email,…).
- On-demand backup tasks, so that you can run a backup without a schedule (on-demand execution).
- Ability to rename an existing organization in the Veeam console.
Install Veeam for Office 365
Three MSI files are provided by Veeam (the explorers for Sharepoint and Exchange) as well as the installation setup. Run the Veeam Backup O365 install file.
On the End-User licence Agreement windows, check the checkboxes and click Next.
Click Next in the Program Features window and click on Install.
Install is on progress. Click
Click Finish when the installation is complete. You can now add organisation. On the ribbon click on Add. Org. A wizard Appear, you can choose the authentification method :
- Modern Authentification : Choose this option if you use MFA or certificate for the authentification.
- Basic Authentification : Choose this option for legacy authentification.
If you want to use Modern Authentification, you need to insert Application ID. The next section describes how you can create Application ID.
Create Application ID
On the Azure Portal, click on Azure Active Directory then on App registrations and on New Application registration in the central panel.
On the Name field, enter Veeam Office 365 v4 and select Web App / API in the drop-down list and enter https://localhost on the field. Start the creation by clicking on Register.
The creation is now operational. Copy the Application ID into the notepad and click on Settings.
Click on Api permission then on Add a permission.
Click on Microsoft Graph.
Click on Application permissions
Select the permissions :
- Group / Group.Read.all
- Directory / Directory.Read.All
Click Add a permission to validate the choice.
Click on Grant admin consent for…. A message appear, click on Yes.
Click on Certificates & secrets then on New Client secret.
Enter Description and choose when the secret expires. Click Add for validate the modification.
Copy the value of the secret to Notepad.
Copy the value of the secret to Notepad. Paste Application ID on the Application ID Field and the Value of the Client secret on the Application secret. Enter Username of the administrator account or user who has the appropriate rights to the Office 365.
On the Office 365 portal, log in with the user account used by Veeam. Click on account then on My Account.
A new windows appear, click on Security & Privacy menu. Expand the Additional security verification menu and click on Create and manage app passwords.
Click on Create button for create new application password.
Enter the name for the password (VBO for example). Password has generated, you can copy the password.
Copy the password into the Veeam console and click on Next.
Check that all points are validated. After that organisation has been added to the console. You can now backup your tenant Office 365