Skip to main content
Configure inSync to protect OneDrive data
Updated over a week ago

License editions: To understand the applicable license editions, see Plans & Pricing.

This topic provides information about configuring Druva inSync to protect OneDrive data.

Before you begin

Before you initiate inSync configuration to protect Microsoft 365 data, ensure that you have the following accounts created.

  • You have an Microsoft 365 global administrator account with a valid Microsoft 365 license.

Configure inSync to protect Microsoft 365: OneDrive

Log in to the inSync Management Console as an inSync Cloud administrator and perform the following steps to set-up inSync to configure and protect OneDrive data.

Step 1: Provide inSync permissions to access OneDrive data

To begin with OneDrive data backup, you need to authorize inSync with OneDrive app data access. For procedure with screenshots, see Configure Druva inSync for Microsoft 365.

Once you initiate app configuration from the inSync Management Console, the application redirects you to the Microsoft 365 login page. Log in as a Global Administrator to review the requested app permissions and grant access to the app data. To know more about the requested permissions and their purpose, check the Microsoft 365 App Permissions for Druva App article.

inSync communicates with Microsoft 365 services using OAuth 2.0, an open protocol for token-based authentication and authorization. For more information, see the OAuth website.

πŸ“ Note

Snapshots of OneDrive devices is displayed in UTC time zone for administrators. However, end users will be able to see the snapshots of their OneDrive devices in the time zone that they configured.​

Support for Azure Active Directory (AD) Conditional Access policies

If your organization uses Azure AD Conditional Access policies for authenticating and providing conditional access to users, the app configuration step will adhere to these policies. For more information, see Support for Azure Active_Directory (AD) Conditional Access policies.

After you complete the configuration of inSync with Microsoft 365 app, you can use the Verify Configuration option to check if inSync can access your users. For information about verifying configuration, see Configure Druva inSync for Microsoft 365.

Step 2: Configure SaaS Apps settings for OneDrive

Define the user attribute that you want inSync to use to map user account to their Microsoft 365 app account. For information about configuring user accounts access using the inSync email ID or Active Directory(AD) attribute and configuring the user custom domain for Microsoft 365, see Configure Druva inSync for Microsoft 365.

Step 3: Get user data encryption key(ekey)

To ensure that the Microsoft 365 data that is backed up is secure, you must configure inSync to get the data encryption key(ekey). For information about configuring inSync to get the data encryption key, see Configure Druva inSync for Microsoft 365.

Step 4: Configure a profile to protect OneDrive data

To back up Microsoft 365: OneDrive data, you must specify the Microsoft 365 backup settings in an existing profile or in a new profile. inSync will start backing up the user data from Microsoft 365 as per the backup schedule that is defined for a profile with SaaS Apps feature enabled. For information about configuring a profile, see Configure Druva inSync for Microsoft 365.

The setting options specific to OneDrive on the SaaS Apps screen are explained below.



Backup SaaS Apps


Select this check box if you want to backup only OneDrive data.

Exclude File Types

Enter the file extension to be excluded.

Exclude paths and Folders

Enter the folder path to be excluded

Global Exclusions

  • In the Exclude Files box, type the file types that you want to exclude from the backup. The file extensions are automatically added to the adjacent field. If you want to remove a file type, click the file type.

For more information on how you can configure the global exclude list, see Configure the global exclude list.

Teams Meeting Recordings

The backups will exclude all files from the default folder path of Teams Meeting Recordings (TMR) by default. The default folder path is /Recordings.

If you want to back up TMR files for OneDrive users in a profile, enable this setting.

❗ Important

If you disable the exclusion, a full scan backup will be triggered for all users in the profile.

Step 5: Associate and add users to Microsoft 365 enabled SaaS Apps profile

The procedure to associate and add users depends on the SaaS Apps settings configuration set in Step 3. For details, see Configure Druva inSync for Microsoft 365.

Did this answer your question?