Help Center
Choose product document...
Veeam Backup for Microsoft Office 365
User Guide

User Authentication

Veeam Backup for Microsoft Office 365 connects to on-premises Exchange organization in the hybrid or on-premises Exchange deployment using EWS and PowerShell. Authentication and secure communication of user credentials are provided as follows:

  1. When transferring data using EWS, the SSL secure connection is always established.
  2. When transferring data using PowerShell, two methods are possible:
  • Use SSL with Basic authentication. This method is recommended by Microsoft as it provides secure communication of user credentials (account and password) inside the encrypted SSL channel. See the Connect to Exchange Online PowerShell article for details.


$Session = New-PSSession -ConfigurationName Microsoft.Exchange -ConnectionUri -Credential $UserCredential -Authentication Basic -AllowRedirection

  • Use SPN (Service Principal Name) and Kerberos authentication. To use this method, it is recommended to deploy Veeam Backup for Office 365 management server in the same domain with the Exchange server and provide it with access to the domain controller. You may also need to map the Exchange Server to the hybrid domain. Consider that this method cannot be used for multiple servers included in CAS.


Use the setspn command-line utility to map the Kerberos service principal name to a Microsoft account:

setspn -A HTTP/ ExchangeHost

Here: – name of the hybrid domain

ExchangeHost – name of Exchange server.  

See the Setspn article for detais.

Veeam Large Logo

User Guide

RESTful API Reference

PowerShell Reference