Log in to the inSync Management Console as an inSync Cloud administrator. Follow these steps to configure M365 Groups with inSync.
Step 1: Grant permissions to access Groups data
To begin with Groups data backup, you need to authorize inSync with Microsoft Groups data access.
Once you initiate app configuration from the inSync Management Console, the application redirects you to the Microsoft 365 login page. Log in as a Global Administrator to review the requested app permissions and grant access to the app data. To know more about the requested permissions and their purpose, see Microsoft 365 Permissions for Druva App.
inSync communicates with Microsoft 365 services using OAuth 2.0, an open protocol for token-based authentication and authorization. For more information, see the OAuth website .
Watch this video on how to grant permissions
Procedure
Click Register Microsoft 365 Account.
On the Configure for Backup page, select Microsoft 365 Advanced app and click Configure to configure a group for backup.
On the Microsoft 365 login page, enter the Microsoft 365 global administrator's username and password for Microsoft 365, and then click Sign in.
Click Accept to grant the required permissions to access Groups data. See Required permissions to access Groups.
Step 2: Get data encryption key
Scheduled backup of SaaS Apps data requires access to the data encryption key to encrypt backed-up data.
This process is part of the digital envelope encryption process that Druva strictly adheres to. Druva does not store the user’s data encryption key and has no access to the data.
Select one of the following options to generate the data encryption key.
Cloud Key Management System (KMS) (recommended) - Uses AWS KMS services to encrypt and decrypt SaaS Apps data. You cannot disable this setting once saved. For more information, see Configure Key Management for SaaS Apps.
inSync AD Connector - Uses a connector installed on a Windows device or a server within your organization's network to provide the data encryption.
For more information, see Install inSync Connector and Configure the inSync Connector.
Things to consider:
Users don’t have to connect to their devices for backup.
Backup of the configured SaaS Apps data fails if a registered Connector is not connected.
The Connector does not require any domains or Active Directory mappings.
You get a Not Connected alert if the Connector is not connected.
Step 3: Configure Groups for backup and restore
You can configure Groups for backup and restore in the following ways:
Auto-Configuration: Use this method to automatically detect any new Groups and apply default or custom backup configurations and predefined schedules to each newly discovered and configured Groups.
Manual backup: You can define auto-configuration settings to start an unscheduled backup of Groups data when required.
🚩 Important
Due to API limitations, if you use a Shared Mailbox as a Global Admin account for configuring Druva inSync with Microsoft 365, Groups discovery might fail.