1. Nexetic Support
  2. Nexetic Backup for Entra ID
  3. Getting Started

How to activate backups for Entra ID

Heli Siniharju
Updated

Nexetic Backup for Entra ID requires it's own subscription. You can order the service directly from Nexetic, from your service provider or from the ALSO Cloud Marketplace.

 

Step 1. Sign into the backup portal

Click the Register domain link in the service activation email that you received. Select Sign in with Microsoft 365 and insert your Microsoft 365 credentials for the tenant you want to back up.

entraid-signin-new.png

Resellers can also sign in via Nexetic Portal.

 

Note

App permissions have to be granted as part of the service activation, so the user account must be Global Administrator or Privileged Role Administrator

 

Step 2. Select Backup for Entra ID

EntraID-select-menu.png

You will land in the Backup Portal. Click the icon in the top-left corner of the page and select Backup for Entra ID.

 

Step 3. Select Settings page

entraid-move-to-settings.png

Enter the Settings page by clicking the gear wheel icon in top-right corner of the page.

 

Step 4. Grant app permissions

Yo must grant permissions for the backup application to back up (read) and restore (write) data. If you haven't already granted the necessary permissions, you will see the 'Grant admin consent' button at the  Settings page. You can proceed to grant the needed app permissions by clicking the Grant admin consent button.

entraid-grant-admin-consent2.png

You will be directed to Microsoft sign-in process. Sign in with your Microsoft 365 Global Admin or Privileged Role Admin account and click Accept on the admin consent screen.

entraID-grant-admin-consent.png

After granting admin consent, you will be redirected back to the Settings page, where you can proceed with your backup selections. By default, backups for all modules are disabled (the slide switches will appear in gray).

entraid-settings-new.jpg
 

Step 5. Configure the backup

You can select the following Entra ID categories and modules for backup:

  • Users & Groups:
    • Users
    • Groups
  • Applications: 
    • App Registrations
    • Enterprise Applications
    • Teams Apps
    • Mobile Apps
    • SharePoint Settings
  • Devices & Security:
    • Devices
    • Device Configurations
    • Device Compliance Policies
    • Bitlocker Keys
    • Conditional Access Policies
    • Risk Detections
    • Sign-In Logs
    • Audit Logs
    • DLP Alerts
  • Roles & Permissions:
    • Built-In Roles
    • Custom Roles
    • Permission Grant Policies
    • Admin units
  • Identity Governance:
    • Access Packages
    • Access Reviews
    • API Connectors
    • B2B Collaboration Settings
    • Identity Providers
    • Federated Configurations
    • Organizational Settings
    • Terms of Use
    • B2C User Flows
    • Sensitivity Labels
    • Sensitivity Label Policies
    • External Connectors
       

Enable backup by toggling the switches. To enable backup for all categories and modules, click Enable all

You have the flexibility to choose which categories and modules to back up — for example, you can back up everything under Roles & Permissions, or you can only select e.g. Customer Roles and Admin Units. However, each selected module is backed up in its entirety, meaning the entire tenant is covered for each selection. It is not possible to back up, for instance, only specific users, users in particular groups, or selected applications.

entraid-settings-new2.jpg


Step 6. Automatic full backup begins

After granting app permissions and configuring your backup settings, the first full backup will begin immediately. Subsequent backups will be performed automatically, following a schedule of two backups per day, with a 12-hour interval between each. You can also always start the backup manually by clicking the icon on the Settings page.

entraid-settings-trigger.png

 

Was this article helpful?
0 out of 0 found this helpful

Articles in this section