Professional Documents
Culture Documents
Connect-MsolService
$role=Get-MsolRole -RoleName "SharePoint Administrator"
$accountname="example@domain.com"
Add-MsolRoleMember -RoleMemberEmailAddress $accountname -RoleName $role.Name
In addition, the Veeam Backup account that you use to add an organization must meet the following
requirements:
• The account must have a Microsoft Office 365 license that permits access to Microsoft Teams API. The
minimum sufficient license is Microsoft Teams Exploratory experience.
NOTE:
• In case you add an organization in Veeam Backup for Microsoft Office 365 using the modern
authentication method with legacy protocols allowed, and specify different accounts to connect to
Microsoft Exchange and Microsoft SharePoint, the required license and role must be assigned to the
account used to connect to Microsoft SharePoint.
• For more information about permissions required to restore Microsoft Teams data from backups
created by Veeam Backup for Microsoft Office 365, see Required Permissions for Veeam Explorer for
Microsoft Teams.
For more information about permissions in Azure, see this Microsoft article.
If you prefer to use a custom application of your own, make sure to grant all the permissions listed in this table
manually.
Office 365 full_access_as_user Delegated1 Restore Reading the current state and
Exchange restoring mailboxes content.
Online
This permission is only required
when you add an organization in
the Germany region.
Sites.FullControl.All
Application2 Restore Reading the current state and
restoring SharePoint sites and
SharePoint OneDrive accounts content.
1
Permissions of the Delegated type are used for data restore using the device code flow.
2
Permissions of the Application type are used for data restore using an application certificate.
3. Select API permissions > Add a permission > APIs my organization uses.
4. Select Office 365 Exchange Online API in the list, check its permissions and configure them, if needed.
1. In the Azure AD application settings, the Treat application as a public client option must be set to Yes. For
more information on application settings, see this Microsoft article.
Note that this option is not available in Microsoft Azure for the Germany region. In this region, you must
register Azure AD applications used for backup and restore as applications of the Public client/Native type.
2. In the Azure AD application settings, a redirect URI must be specified for the application. For more
information, see this Microsoft article.
When creating a new Azure AD application automatically, Veeam Backup for Microsoft Office 365 specifies
http://localhost/ as a redirect URI.
• Global Administrator or Exchange Administrator — required for data restore with Veeam Explorer for
Microsoft Exchange.
• Global Administrator or SharePoint Administrator — required for data restore with Veeam Explorer for
Microsoft SharePoint and Veeam Explorer for Microsoft OneDrive for Business.
• Global Administrator or Teams Administrator — required for data restore with Veeam Explorer for
Microsoft Teams.
• Global Administrator — required for establishing a connection to a service provider in the Office 365
Backup as a Service scenario.
Microsoft
Group.Read.All Querying Azure AD for the list of
Graph
groups and group sites.
• Infrastructure
• Backup Repositories
• Backup
• Restore
NOTE:
For the complete list of known issues and limitations in Veeam Backup for Microsoft Office 365 5.0, see
Release Notes. For limitations in Veeam Backup for Microsoft Office 365 functionality when protecting
organizations with modern app-only authentication, see this Veeam KB article.
Infrastructure
• The Veeam Backup for Microsoft Office 365 RESTful API Service, Veeam Backup for Microsoft Office 365
Service and Veeam Backup Proxy for Microsoft Office 365 Service must be started using the Local System
account.
• You cannot change the name of the Veeam Backup for Microsoft Office 365 server or change domains of
the server without resetting the configuration.
• If the organization has multiple domains, they must be configured as a mesh to cross authenticate to
download content from all domains with the service account. For more information, see this Microsoft
article.
• Microsoft Windows 2008 operating system is not supported; Windows 2008 R2 SP1 is the minimum
supported version.
• Veeam Backup for Microsoft Office 365 does not support encryption at-rest for the following types of
backup repositories:
• [For Microsoft Outlook] Preliminary releases such as Insider releases or releases provided by Monthly
Channel Updates are not supported; Veeam Backup for Microsoft Office 365 supports only RTM/GA
versions. For more information, see this Microsoft article.
• If the Veeam Backup for Microsoft Office 365 console and a management server are deployed on different
machines, make sure that the management server is trusted for delegation. For more information, see this
Microsoft article.
• Adding Microsoft Office 365 organizations using modern authentication with legacy protocols allowed is
not supported for Microsoft Azure China region.
• Adding Microsoft Office 365 organizations using modern app-only authentication is not supported for
Microsoft Azure Germany region.
• Microsoft Teams service is not supported for organizations in the Microsoft Azure China and Germany
regions.
• Notifications about backup jobs completion results may not work properly for Microsoft Azure China and
Germany regions.
Backup Repositories
• Backup repositories with enabled volume deduplication are not supported.
• Veeam Backup for Microsoft Office 365 does not support Glacier or Lifecycle policy in Amazon AWS Data
Management or Azure Archive storage class.
• Make sure the S3 Compatible device you are adding supports AWS v4 signature. For more information
about authentication requests, see this Amazon article.
• Veeam Backup for Microsoft Office 365 allows you to migrate data from a local backup repository to an
object storage repository, but not vice versa. For more information, see the Move-VBOEntityData section
of the Veeam Backup for Microsoft Office 365 PowerShell Reference.
Backup
• To back up user mailboxes, make sure that a mailbox has a valid Microsoft Office 365 license. Otherwise a
backup job will fail with the following error: "Error: Mailbox doesn't have a valid Microsoft Office 365
license".
• To back up public folder mailboxes, the Veeam Backup account must have a valid Exchange Online license
and an active mailbox within the Microsoft Office 365 organization.
• Veeam Backup for Microsoft Office 365 backs up public folders that are located under the IPM_SUBTREE
folder only.
• Backup of In-Place Hold Items is not supported for on-premises Microsoft Exchange 2013.
• If you modify a retention policy tag for a folder, Veeam Backup for Microsoft Office 365 will perform full
synchronization of that folder during the subsequent backup job session. For more information, see this
Microsoft article.
• A SharePoint Site Collection hierarchy is not supported if the root site was not configured. Make sure to
configure the root site in advance using a SharePoint site template of your choice. Otherwise, the
following error occurs: Error: Failed to find web template ID for: STS#-1. This organization account might
be missing a valid SharePoint license. Web configuration is not complete.
• When backing up Microsoft Exchange mailboxes, Veeam Backup for Microsoft Office 365 does not create a
new version of an item the Read/Unread property of which was changed. That said, the Read/Unread
property of each of the backed-up items always remains exactly the same as it was during the initial
backup.
• Veeam Backup for Microsoft Office 365 does not back up the following Microsoft Teams objects:
o Private channels
o Video recordings
o Contacts
o Data of applications added as channel tabs that does not reside in the SharePoint document library of
the channel
• As part of Microsoft Teams data backup, Veeam Backup for Microsoft Office 365 backs up only the
following types of channel tabs: Website, Planner, Word, Excel, PowerPoint, Visio, PDF, Document
Library, OneNote, SharePoint, Stream, Forms, Power BI, Flow and Azure DevOps.
• Veeam Backup for Microsoft Office 365 cannot backup SharePoint Online sites if their domain names were
changed. For more information, see this Microsoft article.
Restore
• SharePoint sites with a red X over the symbol mean that there is an empty sector of the template and
supported content is available in the subsites.
• Veeam Backup for Microsoft Office 365 restores public folders that are located under the IPM_SUBTREE
folder only.
• Bulk restore (restore of multiple objects) is not supported for public folder mailboxes. Use the regular
per-object restore instead.
• Cross-tenant restore to Microsoft Office 365 is only possible for Exchange Online objects, not for
SharePoint sites.