Configuration

In this article

    Restore Portal is deployed automatically along with Veeam Backup for Microsoft 365 REST API component installation.

    The Veeam Backup for Microsoft 365 administrator can configure Restore Portal for the following backup infrastructures:

    Configuring Restore Portal for Single Microsoft 365 Organization

    If the Veeam Backup for Microsoft 365 administrator wants to allow end users and restore operators in a Microsoft 365 organization to explore and restore data from backups using Restore Portal, the following actions must be performed before users start using the web application:

    1. Check that Veeam Backup for Microsoft 365 REST API component is installed either on the Veeam Backup for Microsoft 365 server or on a separate computer.

    Installing REST API separately from a Veeam Backup for Microsoft 365 server allows you to decrease the load on infrastructure when exploring and restoring data from backups using the Restore Portal. For more information, see Installing Veeam Backup for Microsoft 365 and Veeam Explorers to deploy the solution to the Veeam Backup for Microsoft 365 server and Installing REST API on Separate Computer to deploy Veeam Backup for Microsoft 365 REST API component separately.

    1. Enable the Veeam Backup for Microsoft 365 RESTful API Service.

    This service processes REST API commands and allows Restore Portal to communicate with Veeam Backup for Microsoft 365. For more information, see REST API Settings if you have deployed the solution on the Veeam Backup for Microsoft 365 server and Configuring REST API and Restore Portal on Separate Computer if you have installed REST API separately.

    1. Enable restore operator authentication to the Veeam Backup for Microsoft 365 server. For more information, see Authentication Settings.
    2. Enable Restore Portal and configure access to it. For more information, see Restore Portal Settings if you have deployed the solution on the Veeam Backup for Microsoft 365 server and Configuring REST API and Restore Portal on Separate Computer if you have installed REST API separately.
    3. Add restore operator roles to assign permissions to users who act as restore operators. For more information, see Adding Restore Operator Role.
    4. Provide end users and restore operators with the Restore Portal web address.

    Configuring Restore Portal for Multiple Tenants

    Note

    Follow these steps as a part of Microsoft 365 Backup as a Service usage scenario. For more information, see Microsoft 365 Backup as Service.

    To configure access for end users and restore operators from tenant organizations to Restore Portal, the following actions must be performed on a service provider side before users start using the web application:

    1. Check that Veeam Backup for Microsoft 365 REST API component is installed either on the Veeam Backup for Microsoft 365 server or on a separate computer.

    Installing REST API separately from a Veeam Backup for Microsoft 365 server allows you to decrease the load on infrastructure when exploring and restoring data from backups using the Restore Portal. For more information, see Installing Veeam Backup for Microsoft 365 and Veeam Explorers to deploy the solution to the Veeam Backup for Microsoft 365 server and Installing REST API on Separate Computer to deploy Veeam Backup for Microsoft 365 REST API component separately.

    1. Enable the Veeam Backup for Microsoft 365 RESTful API Service.

    This service processes REST API commands and allows Restore Portal to communicate with Veeam Backup for Microsoft 365. For more information, see REST API Settings if you have deployed the solution on the Veeam Backup for Microsoft 365 server and Configuring REST API and Restore Portal on Separate Computer if you have installed REST API separately.

    1. Enable tenants and restore operator authentication to the Veeam Backup for Microsoft 365 server. For more information, see Authentication Settings.
    2. Enable Restore Portal and configure access to it. For more information, see Restore Portal Settings if you have deployed the solution on the Veeam Backup for Microsoft 365 server and Configuring REST API and Restore Portal on Separate Computer if you have installed REST API separately.

    Important

    Azure AD application that you want to use to access Restore Portal must be created for a Microsoft 365 organization on a service provider side.

    1. Share the configured Azure AD application with all tenant organizations. To do this, perform the following steps:
    1. Run the New-AzureADServicePrincipal cmdlet. Specify an application ID of Azure AD application configured for authentication to Restore Portal as the AppId parameter value.

    $Credential = Get-Credential

    Connect-AzureAD -Credential $Credential

    New-AzureADServicePrincipal -AppId "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX"

    1. Sign in to the tenant organization Azure portal.
    2. Go to Azure Active Directory > Enterprise applications.
    3. Search for Azure AD application configured for authentication to Restore Portal by the application name or object ID, or use filters with the Application type search criteria removed.
    4. Go to the application permissions and grant admin consent to this application on behalf of all users in the tenant organization. For more information, see this Microsoft article, Permissions for Authentication to Restore Portal and contact Veeam Customer Support.
    1. Add restore operator roles to assign permissions to users who act as restore operators. For more information, see Adding Restore Operator Role.
    2. Provide end users and restore operators with the Restore Portal web address.

    In This Section