Skip to main content
All CollectionsMicrosoft 365Protect your M365 dataProtect Groups
Configure Druva inSync to Protect Groups Data
Configure Druva inSync to Protect Groups Data

Steps to configure Druva inSync to protect Groups data

Updated over 3 months ago

License editions: To understand the applicable license editions, see Plans & Pricing .

Log in to the inSync Management Console as an inSync Cloud administrator. Follow these steps to configure M365 Groups with inSync.

Step 1: Grant permissions to access Groups data

To begin with Groups data backup, you need to authorize inSync with Microsoft Groups data access.

Once you initiate app configuration from the inSync Management Console, the application redirects you to the Microsoft 365 login page. Log in as a Global Administrator to review the requested app permissions and grant access to the app data. To know more about the requested permissions and their purpose, see Microsoft 365 Permissions for Druva App.

inSync communicates with Microsoft 365 services using OAuth 2.0, an open protocol for token-based authentication and authorization. For more information, see the OAuth website .

Watch this video on how to grant permissions

Procedure

  1. Click Register Microsoft 365 Account.

  2. On the Configure for Backup page, select Microsoft 365 Advanced app and click Configure to configure a group for backup.

  3. On the Microsoft 365 login page, enter the Microsoft 365 global administrator's username and password for Microsoft 365, and then click Sign in.

  4. Click Accept to grant the required permissions to access Groups data. See Required permissions to access Groups.

Step 2: Get data encryption key

Scheduled backup of SaaS Apps data requires access to the data encryption key to encrypt backed-up data.

This process is part of the digital envelope encryption process that Druva strictly adheres to. Druva does not store the user’s data encryption key and has no access to the data.

Select one of the following options to generate the data encryption key.

  • Cloud Key Management System (KMS) (recommended) - Uses AWS KMS services to encrypt and decrypt SaaS Apps data. You cannot disable this setting once saved. For more information, see Configure Key Management for SaaS Apps.

  • inSync AD Connector - Uses a connector installed on a Windows device or a server within your organization's network to provide the data encryption.

Things to consider:

  • Users don’t have to connect to their devices for backup.

  • Backup of the configured SaaS Apps data fails if a registered Connector is not connected.

  • The Connector does not require any domains or Active Directory mappings.

  • You get a Not Connected alert if the Connector is not connected.

Step 3: Configure Groups for backup and restore

You can configure Groups for backup and restore in the following ways:

  • Auto-Configuration: Use this method to automatically detect any new Groups and apply default or custom backup configurations and predefined schedules to each newly discovered and configured Groups.

  • Manual backup: You can define auto-configuration settings to start an unscheduled backup of Groups data when required.


🚩 Important

Due to API limitations, if you use a Shared Mailbox as a Global Admin account for configuring Druva inSync with Microsoft 365, Groups discovery might fail.


Where to go from here

Did this answer your question?