- Posts: 12
- Liked: never
- Joined: Oct 30, 2018 7:20 pm
- Full Name: Curt Fortenbery
- Location: Atlanta, GA
AADSTS500113: No reply address is registered for the application
In research it appears to be related to the request URI and that the default user type setting specified in the following Microsoft link should probably be set to a "public client" (which is a scary thing for Microsoft to call it LOL):
https://docs.microsoft.com/en-us/azure/ ... gistration
So all exchange needs (from a high level) is an account with global admin and the impersonation role in order to restore to any email account in the organization, right? So what does Veeam recommend as a best practice for doing restores: should we be using the MFA service account with the app registration default user type set to "public client" or should the VBO365 admins be using their own global admin accounts with impersonation role granted in order to perform restores?
Just looking for guidance....Thanks!
- Product Manager
- Posts: 6153
- Liked: 718 times
- Joined: Feb 08, 2013 3:08 pm
- Full Name: Mike Resseler
- Location: Belgium
Yes, using an account with app registration is indeed what we prefer. This account or app ID does not have to be the same as the one that is used by the service itself. You can create multiple different ones, you just need to give the ID enough rights.
Users browsing this forum: No registered users and 2 guests