How to create an Azure Active Directory App registration with certificate based authentication for Veritas Alta SaaS Protection
Description
This article will walk through the steps for creating an Azure Active Directory App registration with certificate-based authentication for Veritas Alta SaaS Protection. This is used for backing up O365 Audit Logs, Shared Mailboxes and Inactive Mailboxes.
Navigate to https://aad.portal.azure.com/#blade/Microsoft_AAD_IAM/ActiveDirectoryMenuBlade/Overview
Take note of the Primary Domain as shown in the tile below.
*Important: Please send the domain name to your Veritas contact. They will then provide you with a certificate file at which point you can proceed with the steps in this article.
Now click on the tile to open the Overview page. Navigate to Manage and select App registrations.
Choose New registration.
Enter the name as: Veritas Alta SaaS Protection O365 Audit Log App
Configure the new app registration as shown below. The Redirect URI will be the Primary Domain noted previously.
Click Register which will open the Overview page of the new app.
Select Manifest. Find the requiredResourceAccess entry (on or about line 44).
Modify the resourceAppId, id, and type values as shown below and in the screenshot.
"requiredResourceAccess": [
{
"resourceAppId": "00000002-0000-0ff1-ce00-000000000000",
"resourceAccess": [
{
"id": "dc50a0fb-09a3-484d-be87-e023b12c6440",
"type": "Role"
}
]
}
],
Click Save when finished modifying the manifest.
While on the same page, select API permissions.
The following permissions should show from the edited manifest.
Click Grant Admin consent from <your company> and Click Yes to confirm.
The next steps will require the certificate cer file provided by your Veritas contact. Save this file to a folder as it will be needed next.
While still on the same page, click Overview and take note of the Application (client) ID which will be needed at the end of this process.
Select Certificates and Secrets
Choose Upload Certificate and browse to the cer file saved in the previous step. Click Add.
The certificate is now applied.
Browse back to the Azure Active Directory page and select Roles and administrators.
For capturing the M365 Audit log, search for Compliance Administrator and select it which will open the Assignments page. Click Add Assignments.
For capturing inactive and shared mailboxes, search for Global reader and select it which will open the Assignments page. Click Add Assignments.
In the search bar, type Veritas Alta SaaS Protection and add the newly created application and click the Add button.
That completes the process.
Please provide the information below to your Veritas contact.
Veritas Alta SaaS Protection O365 Audit Log App Client ID |
|
Was this content helpful?
Translated Content
Please note that this document is a translation from English, and may have been machine-translated. It is possible that updates have been made to the original version after this document was translated and published. Veritas does not guarantee the accuracy regarding the completeness of the translation. You may also refer to the English Version of this knowledge base article for up-to-date information.