Nakivo introduced support for Office 365 in their Backup & Replication v9.2 release in February 2020. This blogposts takes you through the necessary steps to set up data protection for Office 365. The high level architecture of the solution is shown in the following diagram:
Adding the Microsoft 365 Account to the Inventory
The first step is to add an Microsoft Office 365 account to the inventory. When adding the account, four items need to be provided:
- Display name
- Tenant ID
- Azure Client ID
- Azure Client Secret
We need to switch to the Azure Portal to obtain these credentials. Select Azure Active Directory:
Now select App Registrations in the left menu and click Register an application:
Provide a declarative name for the app registration. I’m using a single tenant API access. The Tenant ID and Client ID are displayed after clicking Register.
We now need to ensure Nakivo Backup and Replication has the required permissions to backup and recover data in Office 365. Click View API Permissions and select Microsoft Graph . We now need to set the appropriate permissions on the Application Permissions tab:
Select Mail>Mail.ReadWrite, MailboxSettings>MailboxSettings.ReadWrite, and User>User.Read.All.. Now click Click Update Permissions.
Generating a new client secret
With the proper permissions set, we now need to generate a new client secret by selecting Certificates & Secrets from the left side menu:
Select New client secret to generate a new client secret. With all the required paramaters gathered, we can now go back to the Nakivo console and add the Office 365 account to the inventory.
In my lab environment I only have the onboard transporter. Next up is the Backup Repository…
Creating a backup repository for Office 365
Office 365 backups require a dedicated Backup Repository. Create the repository and ensure the type Microsoft Office 365is selected:
Creating our first Office 365 backup
With the Office 365 account added to the inventory, the onboard transporter selected and the dedicated Office 365 backup repository created, it is now time to create our first backup job:
Restoring items from our Office 365 backup
After the job completes, it’s time to test the recovery process. Nakivo supports granular object-level restores and the Object Recovery wizard walks your through the process. It allows you to recover to the original location, a specific mailbox and what the overwrite behaviour should be:
The Recover button initiates the restore…
Many Office 365 users falsely assume data protection is handled by Microsoft as part of the service. Although Microsoft will ensure your data is protected from data loss events within the responsibility domain of the cloud provider, the Office 365 customer needs to ensure measures are in place to protect the data itself (accidental deletes for example). Nakivo provides a nice and user-friendly solution to deliver these capabilities.
If you want to know more about Nakivo and their data protection solutions, please go to their website by clicking on their banner on the right, or click here.