How to activate backups for Entra ID

Nexetic Backup for Entra ID requires it's own subscription. You can order the service directly from Nexetic. It will also be published in ALSO Cloud Marketplace in the beginning of August 2024.

Step 1. Sign into the backup portal

Open your web browser and go to the following address: Select Sign in with Microsoft 365. Insert your Microsoft 365 credentials for the tenant you want to back up.


Resellers can also sign in via Nexetic Portal.


App permissions have to be granted as part of the service activation, so the user account must be Global Administrator.


Step 2. Select Backup for Entra ID


Click the icon in the top-left corner of the page and select Backup for Entra ID.


Step 3. Select Settings page


Enter the Settings page by clicking the gear wheel icon in top-right corner of the page.

Step 4. Grant app permissions

Yo must grant permissions for the backup application to back up (read) and restore (write) data. If you haven't already granted the necessary permissions, you will see the 'Grant admin consent' button at the  Settings page. You can proceed to grant the needed app permissions by clicking the Grant admin consent button.


You will be directed to Microsoft sign-in process. Sign in with your Microsoft 365 Global Admin account and click Accept on the admin consent screen.


After granting admin consent, you will be directed back on Settings page and you can proceed to make the backup selections. By default backups for all directory objects are disabled (slide switches in gray colour).


Step 5. Configure the backup

You can select the following Entra ID directory objects for backup:

  • Users
  • Groups
  • (Built-in) roles
  • Custom roles
  • Applications
  • Service principals
  • Devices
  • Admin units
  • Sign-in logs


Enable backup by clicking the slide switches. You can choose freely which directory objects you want to back up; e.g. you can only back up Users, Groups and Sign-in logs. However, each selected directory object is backed up as a whole, so each selection covers the whole tenant. It is not possible to back up for example only part of the users, only users in certain groups, or only selected applications etc.

Step 6. Trigger full backup

Once you have granted app permissions and made backup configurations, the first full backup will start automatically with the current 2-times-per-day scheduling - so within the next 12 hours. You can also start the backup manually by clicking the icon at the top-right corner of the Settings page.



Was this article helpful?
0 out of 0 found this helpful

Articles in this section