Hello guys,
i have a lot of trouble to add a customer's M365 organization to VBO365 v6. From my POV all permissions are configured correctly and as described to the documention.
But from the beginning ... I have to use Modern authentication with legacy protocols enabled because the customers uses public foldes which has to be backed up.
First I created the Azure AD application and its permissions manually which results in error messages that a connection to EWS and to PowerShell is not possible.
After that I created a Azure AD application using modern-app only authentication automatically. In a second step I configured the legacy protocol which ends up in less error messages.
The wizard can't connect to PowerShell due to insufficient permissions.
The user i have used has the global administrator role configured and also added ApplicationImpersination role.
Maybe you have any further advice to solve this issue?
Kind regards,
Christian
-
chrisflyckelen
- Service Provider
- Posts: 64
- Liked: 8 times
- Joined: Oct 15, 2019 7:51 am
- Contact:
-
Mildur
- Product Manager
- Posts: 9848
- Liked: 2607 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
- Contact:
Re: Case #05448869 Adding M365 organization fails
Hi Christian
Thanks for the case number.
Have you checked if basic auth is not disabled for your tenant?
- Azure Security Defaults enabled?
- Conditional Access Policies enabled?
- Disabled Basic Auth by Microsoft itself? (Self Service re-Enable Basic Auth)
Thanks for the case number.
Have you checked if basic auth is not disabled for your tenant?
- Azure Security Defaults enabled?
- Conditional Access Policies enabled?
- Disabled Basic Auth by Microsoft itself? (Self Service re-Enable Basic Auth)
Product Management Analyst @ Veeam Software
-
RomanK
- Veeam Software
- Posts: 745
- Liked: 191 times
- Joined: Nov 01, 2016 11:26 am
- Contact:
Re: Case #05448869 Adding M365 organization fails
Hello Christian,
The "Modern authentication with legacy protocols enabled" is using PowerShell to resolve principal type i.e. differentiate a user from a shared mailbox. However, PowerShell uses the basic authentication that could be blocked by settings Fabian asked in the post above.
Having that, the validation would fail with the errors like:
- Connect to EWS: The request failed with HTTP status 401
- Connect to SharePoint: Unable to locate SharePoint Online.
- Connect to PowerShell: Connecting to remote server outlook.office365.com failed with the following error message: Access is denied.
Hope this helps a bit.
Thanks
The "Modern authentication with legacy protocols enabled" is using PowerShell to resolve principal type i.e. differentiate a user from a shared mailbox. However, PowerShell uses the basic authentication that could be blocked by settings Fabian asked in the post above.
Having that, the validation would fail with the errors like:
- Connect to EWS: The request failed with HTTP status 401
- Connect to SharePoint: Unable to locate SharePoint Online.
- Connect to PowerShell: Connecting to remote server outlook.office365.com failed with the following error message: Access is denied.
Hope this helps a bit.
Thanks
-
chrisflyckelen
- Service Provider
- Posts: 64
- Liked: 8 times
- Joined: Oct 15, 2019 7:51 am
- Contact:
Re: Case #05448869 Adding M365 organization fails
Hey guys,
thanks for your help. In my case the reason Microsoft has disabled already the basic auth. After re-enabling basic auth everything is fine.
This takes me to the question whether Veeam is working on an update already to provide public folder backup etc. after Oct 1th.
Kind regards,
Christian
thanks for your help. In my case the reason Microsoft has disabled already the basic auth. After re-enabling basic auth everything is fine.
This takes me to the question whether Veeam is working on an update already to provide public folder backup etc. after Oct 1th.
Kind regards,
Christian
-
Mildur
- Product Manager
- Posts: 9848
- Liked: 2607 times
- Joined: May 13, 2017 4:51 pm
- Full Name: Fabian K.
- Location: Switzerland
- Contact:
Re: Case #05448869 Adding M365 organization fails
Hi Christian
Thanks for the Update.
Yes, we are aware of the deprecation of Basic Auth.
For the public folder, you can find a discussion on this topic.
Thanks for the Update.
Yes, we are aware of the deprecation of Basic Auth.
For the public folder, you can find a discussion on this topic.
Product Management Analyst @ Veeam Software
Who is online
Users browsing this forum: No registered users and 17 guests