Hello everyone,
I'm looking for clarification regarding the scope of protection provided by Veeam Data Cloud for Entra ID in a scenario involving trusted domains across different organizations.
I have a customer that wants to protect their Microsoft Entra ID users using Veeam Data Cloud for Entra ID. However, they informed us that their environment has trust relationships with several other company domains belonging to the same corporate group.
To clarify, we are not talking about a single forest with multiple child domains. Instead, these are separate domains/organizations that have trust relationships established between them.
My main question is:
When configuring a backup for a specific Entra ID organization (tenant), will the backup scope be limited only to the users that belong to the tenant added to Veeam Data Cloud, or could users from other trusted organizations also be automatically included in the backup job?
This distinction is extremely important for sizing and licensing purposes. The difference could be protecting approximately 1,000 users from a single organization versus nearly 9,000 users when considering all trusted organizations.
I reviewed the documentation and found two points that left me with additional questions:
Considerations and Limitations:
- Veeam Data Cloud does not support Azure Active Directory B2C and Microsoft Entra External ID Tenants.
Licensing Considerations:
- User protection and licensing appear to be based on the "userType" attribute (Member or Guest).
Based on these statements, I am trying to understand how VDC for Entra ID handles users that originate from trusted external organizations.
Any help will be welcome.
-
rcocate
- Novice
- Posts: 6
- Liked: 1 time
- Joined: Jul 26, 2024 2:11 pm
- Full Name: Rodrigo Cocate
- Contact:
-
AlexAverboukh
- Veeam Software
- Posts: 40
- Liked: 17 times
- Joined: Jul 10, 2025 11:11 am
- Full Name: Alex Averboukh
- Contact:
Re: Backup Scope with Trusted Domains and Multiple Entra ID Organizations
Hello Rodrigo,
At the moment we protect users from a specific Entra ID organization as well as other trusted organizations if they are automatically synched with a specified org.
We license all users that are ENABLED and MEMBERS. Meaning, if the external users are synched as members, they will be counted towards the license.
We currently don't protect B2C users, we're planning to add this option in the beginning of Q3.
We're also working on introducing different licensing rules for the external users, but I can't commit to a specific date yet.
Please let me know if you have any questions.
Best,
Alexander
At the moment we protect users from a specific Entra ID organization as well as other trusted organizations if they are automatically synched with a specified org.
We license all users that are ENABLED and MEMBERS. Meaning, if the external users are synched as members, they will be counted towards the license.
We currently don't protect B2C users, we're planning to add this option in the beginning of Q3.
We're also working on introducing different licensing rules for the external users, but I can't commit to a specific date yet.
Please let me know if you have any questions.
Best,
Alexander
-
rcocate
- Novice
- Posts: 6
- Liked: 1 time
- Joined: Jul 26, 2024 2:11 pm
- Full Name: Rodrigo Cocate
- Contact:
Re: Backup Scope with Trusted Domains and Multiple Entra ID Organizations
Hello Alexander,
I hope you are well. Thank you for the complete and objective answer; it clarified the doubt I had. Also... thank you for the quick response and attention to this topic.
Best regards,
Cocate
I hope you are well. Thank you for the complete and objective answer; it clarified the doubt I had. Also... thank you for the quick response and attention to this topic.
Best regards,
Cocate
Who is online
Users browsing this forum: No registered users and 1 guest