This is an archive version of the document. To get the most up-to-date information, see the current version.Step 3. Specify Authentication Credentials
Depending on the authentication type that has been selected at the previous step, either of the following dialogs appears:
At this step of the wizard, do the following:
- Select the Grant this account required roles and permissions checkbox to automatically assign the ApplicationImpersonation role. For more information, see Granting Roles and Permissions.
- Select the Use the same credentials for SharePoint Online and OneDrive for Business checkbox if you want to use the same credentials to access your Microsoft SharePoint Online and OneDrive for Business data. This checkbox is only available if both organization types have been selected at the Select Organization Deployment Type step.
If the Use the same credentials for SharePoint Online and OneDrive for Business checkbox is not selected, you will be offered to provide required credentials for the Microsoft SharePoint Online and OneDrive for Business organizations at the next step.
Click Next and wait for a connection to be established. Once established, the organization being added will appear in the Organizations view, under the Organizations node.
At this step of the wizard, do the following:
- In the Application ID field, specify the identification number of the application you have created, as described in Understanding Microsoft Graph.
You can find this number in application settings of your Azure Active Directory, as described in this Microsoft article.
- Choose an authentication method.
You can select either Application secret or Application certificate:
- In the Application secret field, enter a secret key to access your custom application.
To obtain a secret key, you will need to generate it first, as described in this Microsoft article.
Mind that a key will become hidden once you leave or refresh the page in the Azure portal. Consider saving the key to a secure location.
- To use a certificate, switch to the Application certificate option and click Browse to select an existing certificate or import a certificate from a .pfx file.
To be able to use a certificate, you must upload it to the Azure portal, as described in this Microsoft article.
- In the Username field, specify your Microsoft Office 365 account name.
- In the App password field, specify the app password that was generated upon enabling Multi-factor authentication (MFA), as described in this Microsoft article.
- Select the Grant this account required roles and permissions checkbox to automatically assign the ApplicationImpersonation role. For more information, see Granting Roles and Permissions.
- Select the Use the same credentials for SharePoint Online and OneDrive for Business checkbox if you want to use the same credentials to access your Microsoft SharePoint Online and OneDrive for Business data. This checkbox is only available if both organization types have been selected at the Select Organization Deployment Type step.
If the Use the same credentials for SharePoint Online and OneDrive for Business checkbox is not selected, you will be offered to provide required credentials for the Microsoft SharePoint Online and OneDrive for Business organizations at the next step.
Click Next and wait for a connection to be established. Once established, the organization being added will appear in the Organizations view, under the Organizations node.
Granting Roles and Permissions
To hydrate an organization, Veeam uses the Enable-OrganizationCustomization cmdlet. For more information, see this Microsoft article.
- To assign the ApplicationImpersonation role, make sure the account you are using is a member of the Organization Management group and has been granted the Role Management role upfront. Otherwise, the automatic assignment of the ApplicationImpersonation role will fail; an organization will not be added.
- If the ApplicationImpersonation role has already been assigned earlier, this step will be skipped.