Before you begin
Before you initiate inSync configuration to protect Microsoft 365 data, ensure that you have the following accounts created.
- You have an Microsoft 365 global administrator account with a valid Microsoft 365 license.
Configure inSync to protect Microsoft 365: OneDrive
Log in to the inSync Management Console as an inSync Cloud administrator and perform the following steps to set-up inSync to configure and protect OneDrive data.
Step 1: Provide inSync permissions to access OneDrive data
To begin with OneDrive data backup, you need to authorize inSync with OneDrive app data access. For procedure with screenshots, see Configure Druva inSync for Microsoft 365.
Once you initiate app configuration from the inSync Management Console, the application redirects you to the Microsoft 365 login page. Log in as a Global Administrator to review the requested app permissions and grant access to the app data. To know more about the requested permissions and their purpose, check the Microsoft 365 App Permissions for Druva App article.
inSync communicates with Microsoft 365 services using OAuth 2.0, an open protocol for token-based authentication and authorization. For more information, see the OAuth website.
Note: Snapshots of OneDrive devices is displayed in UTC time zone for administrators. However, end users will be able to see the snapshots of their OneDrive devices in the time zone that they configured.
Support for Azure Active Directory (AD) Conditional Access policies
If your organization uses Azure AD Conditional Access policies for authenticating and providing conditional access to users, the app configuration step will adhere to these policies. For more information, see Support for Azure Active_Directory (AD) Conditional Access policies.
After you complete the configuration of inSync with Microsoft 365 app, you can use the Verify Configuration option to check if inSync can access your users. For information about verifying configuration, see Configure Druva inSync for Microsoft 365.
Step 2: Configure SaaS Apps settings for OneDrive
Define the user attribute that you want inSync to use to map user account to their Microsoft 365 app account. For information about configuring user accounts access using the inSync email ID or Active Directory(AD) attribute and configuring the user custom domain for Microsoft 365, see Configure Druva inSync for Microsoft 365.
Step 3: Get user data encryption key(ekey)
To ensure that the Microsoft 365 data that is backed up is secure, you must configure inSync to get the data encryption key(ekey). For information about configuring inSync to get the data encryption key, see Configure Druva inSync for Microsoft 365.
Step 4: Configure a profile to protect OneDrive data
To back up Microsoft 365: OneDrive data, you must specify the Microsoft 365 backup settings in an existing profile or in a new profile. inSync will start backing up the user data from Microsoft 365 as per the backup schedule that is defined for a profile with SaaS Apps feature enabled. For information about configuring a profile, see Configure Druva inSync for Microsoft 365.
The setting options specific to OneDrive on the SaaS Apps screen are explained below.
|Backup SaaS Apps|
|OneDrive||Select this check box if you want to backup only OneDrive data.|
|Exclude File Types||
Enter the file extension to be excluded.
|Exclude paths and Folders||Enter the folder path to be excluded|
For more information on how you can configure the global exclude list, see Configure the global exclude list.
|Teams Meeting Recordings||
The backups will exclude all files from the default folder path of Teams Meeting Recordings (TMR) by default. The default folder path is /Recordings.
If you want to back up TMR files for OneDrive users in a profile, enable this setting.
If you disable the exclusion, a full scan backup will be triggered for all users in the profile.
For more information, see Exclusion of Teams Meeting Recordings from backups.