Manual Registration for Microsoft 365 Sources

Basic Auth is not supported for Microsoft 365 source registration.

To register your Microsoft 365 domain manually, make sure you've met all the Microsoft 365 Requirements and then:

  1. In DataProtect as a Service, navigate to the Sources page and click + Register Source in the upper-right corner of the page.

  2. In the Select Source dialog box, select Microsoft 365 and click Start Registration.

  3. In the Source Details section, select a cloud region for your data backups.

  4. Choose the Microsoft 365 Applications to discover.

    Discovery selection change is not allowed for applications with protected objects.

    If the Private Chats and Teams Posts option is enabled under the Mailbox and Teams apps respectively, the Private Chats and Teams Posts will be backed up along with the corresponding Users and Teams respectively.
    Private Chats and Teams Posts backup APIs are charged separately by Microsoft. All Azure apps configured by Cohesity must be linked to an Azure subscription for billing. Backups of Mailboxes and Teams may fail if the Azure subscription configuration is not set appropriately.
    This is an Early Access feature. Contact your Cohesity account team to enable the feature.

  5. [Optional] You can enable the below options based on your requirement:

    Retaining the default values will speed up object discovery in the environment. The metadata required (which is fetched through these options) will be fetched during the backup of the objects and updated.

    1. Fetch Mailbox Info to fetch and process the Mailbox information including the provisioning status, mailbox type, and in-place archival usage.

      You can enable this option to discover the Mailboxes of the users that were converted into Shared Mailboxes by revoking the user Exchange Online licenses.

    2. Fetch OneDrive Info to fetch and process the OneDrive information including the provisioning status and storage quota.

    3. Include Users without MySite to include users who have unprovisioned OneDrive or do not have MySite.

    4. Enable Site Tagging to tag SharePoint Sites whether they are a Group Site or a Teams Site.

      Any Site that is tagged as a Group or Team will not be visible in the Sites section and these sites will be protected through the corresponding Group or Team protection.

  6. In the Account Credentials section, enter the Microsoft 365 Username and Password.

    Adding multiple Microsoft 365 service accounts using the Additional Service Accounts section requires OAuth disabled, as Microsoft has enabled OAuth by default, ignore adding multiple Microsoft 365 service accounts.

  7. Toggle on the Enable OAuth option.

  8. In the Azure Applications section, enter the number of Azure applications that you want to create based on your requirements and click Create.

    By default, an Azure application will be created. To better manage Microsoft 365 throttling, Cohesity recommends at least one Azure app.

  9. In the Add Azure Application form, click the You can also add Azure App manually link and then enter the App ID and App Secret Key that you noted down while registering your custom Azure app.

    You can add multiple Azure apps for a Microsoft 365 source to load balance your backup and restore operations. Click + to add multiple Azure apps. When you do, ensure that you provide the valid App ID and App Secret Key.

  10. Click Register.

For SharePoint Online data protection, ensure that you set the required add-in permissions and tenant permissions on the Azure application. For more information, see Set additional permissions for SharePoint Online.

You can follow the Microsoft 365 source discovery and registration progress on the Sources page.

Next > You are now ready to protect your Microsoft 365 Mailboxes, OneDrives, SharePoint Online Sites, and Teams!