Creating New Entra ID Application

This step applies only if you have selected the Create a new account option at the Account Type step of the wizard.

Configuring Microsoft Entra ID Application

When you choose to create a new account, Veeam Backup & Replication registers a new Microsoft Entra ID (formerly Azure Active Directory) application in Microsoft Azure. Veeam Backup & Replication will use this application to authenticate to Azure. For more information on Microsoft Entra ID applications, see Microsoft Azure Docs. To create the Microsoft Entra ID application, you must use a single-use verification code that Veeam Backup & Replication provides you.

At the Account Type step of the wizard, do the following:

  1. Click Copy to clipboard to copy the verification code.
  2. Click the https://microsoft.com/devicelogin link.
  3. On the Microsoft Azure device authentication page, do the following:
  1. Paste the code that you have copied and click Next. Note that the code will expire in 15 minutes.
  2. Specify a Microsoft Entra ID user account that will be used to create an application. Note that the user name must be specified in the user principal name format (username@domain). The account must have permissions described in section Permissions.

Veeam Backup & Replication will retrieve information about subscriptions to which the Microsoft Entra ID user has access and will create Microsoft Entra ID application in the tenant of the account.

  1. Back to the Add Azure Account wizard, check whether any errors occurred during the authentication process.

Note

Consider the following:

  • If you have multiple tenants associated with the Microsoft Entra ID user account that you plan to use to create a new application, Veeam Backup & Replication will create the application in the home tenant of the account. As a result, the application will have access only to the subscriptions of the home tenant, as well as the Azure Compute account will. If you want to use another tenant and its subscriptions, follow the instructions in this Veeam KB article.
  • The created Microsoft Entra ID application is assigned the Contributor, Key Vault Crypto User and Storage Queue Data Contributor role privileges for the subscriptions for which the following conditions are met: the subscriptions are linked to the home tenant of the Microsoft Entra ID user; the Microsoft Entra ID user has access to these subscriptions and can assign roles on the subscription level for the registered application.

You can limit the subscriptions to which Veeam Backup & Replication assigns the privileges as described in this Veeam KB article. For more information on roles, see Microsoft Azure Docs.

Enabling Direct Restore of Linux Workloads

To enable direct restore of Linux-based workloads, select the Enable direct restore of Linux-based computers. When selected, this check box enables the Helper Appliance step where you will have to configure helper appliances.

Creating New Entra ID Application

Page updated 2/23/2024

Page content applies to build 12.1.1.56