Express Registration for Microsoft 365 Sources
Before you register your Microsoft 365 domain, ensure that you have:
Basic Auth is not supported for Microsoft 365 source registration.
To register your Microsoft 365 domain:
-
In DataProtect as a Service, navigate to the Sources page and click + Register Source in the upper-right corner of the page.
-
In the Select Source dialog box, select Microsoft 365 and click Start Registration.
-
In the Source Details section, select a cloud region for your data backups.
-
Choose the Microsoft 365 Applications to discover.
Discovery selection change is not allowed for applications with protected objects.
If the Private Chats and Teams Posts option is enabled under the Mailbox and Teams apps respectively, the Private Chats and Teams Posts will be backed up along with the corresponding Users and Teams respectively.
Private Chats and Teams Posts backup APIs are charged separately by Microsoft. All Azure apps configured by Cohesity must be linked to an Azure subscription for billing. Backups of Mailboxes and Teams may fail if the Azure subscription configuration is not set appropriately.
This is an Early Access feature. Contact your Cohesity account team to enable the feature. -
[Optional] You can enable the below options based on your requirement:
Retaining the default values will speed up object discovery in the environment. The metadata required (which is fetched through these options) will be fetched during the backup of the objects and updated.
-
Fetch Mailbox Info to fetch and process the Mailbox information including the provisioning status, mailbox type, and in-place archival usage.
You can enable this option to discover the Mailboxes of the users that were converted into Shared Mailboxes by revoking the user Exchange Online licenses.
-
Fetch OneDrive Info to fetch and process the OneDrive information including the provisioning status and storage quota.
-
Include Users without MySite to include users who have unprovisioned OneDrive or do not have MySite.
-
Enable Site Tagging to tag SharePoint Sites whether they are a Group Site or a Teams Site.
Any Site that is tagged as a Group or Team will not be visible in the Sites section and these sites will be protected through the corresponding Group or Team protection.
-
-
In the Account Credentials section, enter the Microsoft 365 Username and Password.
Adding multiple Microsoft 365 service accounts using the Additional Service Accounts section requires OAuth disabled, as Microsoft has enabled OAuth by default, ignore adding multiple Microsoft 365 service accounts.
-
Toggle on the Enable OAuth option.
-
In the Azure Applications section, enter the number of Azure applications that you want to create based on your requirements and click Create.
By default, an Azure application will be created. To better manage Microsoft 365 throttling, Cohesity recommends at least one Azure app.
-
In the Add Azure Application form, copy the device code and click the Microsoft Azure App link to open the Microsoft Azure App authorization service in a new tab.
If you prefer to create your Azure apps manually, see Manual Registration for Microsoft 365 Sources.
-
In the Microsoft Azure App authorization service, paste the copied code and click Next.
-
Log in to Microsoft Azure, enter the Username and Password of your Microsoft 365 account and click Sign in.
Ensure that your Microsoft 365 account has global administrator access.
-
Follow the instructions to complete the authorization on the Microsoft Azure portal.
-
Wait for Microsoft Azure Authorization to complete and then click Register.
For SharePoint Online data protection, ensure that you set the required add-in permissions and tenant permissions on the Azure application. For more information, see Set additional permissions for SharePoint Online.
You can follow the Microsoft 365 source discovery and registration progress on the Sources page.
Next > You are now ready to protect your Microsoft 365 Mailboxes, OneDrives, SharePoint Online Sites, and Teams!
