Hi everyone! Just dropping by to share a quick but practical guide about how to configure Veeam for Office 365 v4(and v3) with modern authentication.
What are the requirements?
- An application object in Azure AD.
- An account with all the required permissions in M365 tenant (EO,SPO).
- Allow access for legacy apps in SharePoint.
Create the required application object in Azure AD
Why we need this? This will act as the front door to the M365 tenant along with the required account/permissions. In order to create the application object, you need to have the Global Admin role assigned to your account. Otherwise, you won’t be able to grant the appropriate permissions. Also, make sure you copy the secret to a notepad or other password manager because you won’t be able to reveal it again.
Create the Azure AD account required for accessing data in M365 online services.
We are 3 steps away from provisioning and configuring the account.
a) Provision the new account
Create a new user using the M365 portal without assigning a license. I would strongly suggest that the users UPN should be provisioned using the tenant’s namespace provided by Microsoft. For instance “firstname.lastname@example.org”.
b) Grant the required permissions
In terms of permissions now, let’s go through with the bare minimum such as “Exchange Admin” and “Sharepoint Admin“.
c) Configure MFA and create an App Password
Allow access for legacy apps in SharePoint
Configure organization in VBO with Modern Authentication
Thanks for reading!