Veeam Backup & Replication 13
User Guide
ASK LLM
Ask ChatGPT
Ask Claude
Ask Gemini
Ask Grok
Ask Perplexity
Related documents
Search

Considerations and Limitations

When you plan to deploy and configure Veeam Backup for Microsoft Entra ID, keep in mind the following limitations and considerations.

Backup Proxies

When managing general-purpose backup proxies, consider the following:

  • During Veeam Backup & Replication installation, a default general-purpose backup proxy is automatically added to the backup infrastructure. Do not remove or disable this proxy — otherwise, you will not be able to protect Microsoft Entra ID tenants and their logs.

Backup Repositories

When connecting a remote Microsoft Entra ID backup repository to the backup infrastructure, consider the following:

  • The repository must run PostgreSQL version 14 or later.
  • Veeam Backup for Microsoft Entra ID supports connecting one remote Microsoft Entra ID backup repository only.
  • Veeam Backup for Microsoft Entra ID supports PostgreSQL password authentication only.

Tenant Backup and Restore

  • Veeam Backup for Microsoft Entra ID does not support backup of Microsoft Entra ID tenants located in China, Azure Government tenants, external tenants or Azure Active Directory B2C tenants.
  • Veeam Backup for Microsoft Entra ID does not support restore of more than 1000 tenant items during one restore session.
  • You cannot protect multiple tenants by one backup job — one backup job can be used to protect only one tenant. Also, you cannot protect the same tenant by multiple backup jobs.
  • Veeam Backup for Microsoft Entra ID does not support restore of Microsoft Entra built-in roles, distribution security groups and mail-enabled security groups.
  • By default, Veeam Backup for Microsoft Entra ID does not back up relationships between protected tenant items and Azure management groups. To instruct Veeam Backup for Microsoft Entra ID to add these relationships to backup jobs, you must perform additional configuration steps described in this Veeam KB article.
  • Veeam Backup for Microsoft Entra ID does not support restoring more than one type of tenant items at a time.
  • You can restore a service principal that represents an application only together with this application and within one restore session. If you restore the application and the principal separately, the restored application gets a new ID assigned, and the restore of the service principal will fail.
  • Restore of users synchronized with Microsoft Active Directory (hybrid identities) is possible using Veeam Backup for Microsoft Entra ID. For more information, see Appendix. Restoring Synchronized Users (Hybrid Identity).
  • Veeam Backup for Microsoft Entra ID does not support restore of Intune device configuration profiles of the editionUpgradeConfiguration type with application permissions. You can restore this intune policy using delegated permissions only. During restore of Intune Device Configuration of type editionUpgradeConfiguration, the properties License and ProductKey are restored to predefined placeholder values. After restore, these properties must be manually updated in the Intune Admin Center.

Log Backup and Restore

  • Veeam Backup for Microsoft Entra ID does not support storing backed-up sign-in and audit logs in multi-bucket repositories. For more information, see section Object Storage Repository.
  • Veeam Backup for Microsoft Entra ID does not support  backup of sign-in logs with a free Microsoft Entra ID license.
  • To create a log backup, you must have the backup of the tenant whose logs you want to protect. The latest restore point of this backup must be created within 30 days before the log backup.

Page updated 3/24/2026

Page content applies to build 13.0.1.2067

View all results across Veeam Help Center
Back to document search