Integrating with Cloud Dynamic Directory for RBAC in Veeam Backup for Amazon

APPRECIATIONS! Veeam Backup for Salesforce has been installed safely, and you are now prepared to grant access to your storage and / or Salesforce players. But how can I go about doing this? How do I begin? How do I enable Role Based Access Control( RBAC ) and what steps must I take? How can I make the most of my Azure Active Directory users and parties? Veeam Backup for Salesforce makes it incredibly simple and just requires a few steps, which is good news. Let’s’s get started! A URL may be provided to perform the basic shape after the installation is finished, for instance:

You can carry out the basic design if you copy the URL into a supported website. The creation of a central administrator account will be one step of the basic configuration:

Important: the username can be anything. The username of “admin” was used in the screenshot but is not specifically required.Once the local administrator is created and the rest of the configuration is completed, you will receive the following login prompt:

The fact that no web calls out” Single Sign – about with Azure AD” is one thing I want to emphasize. You can tell that Azure Active Directory consolidation is not yet set up in this way. The local executive that was originally configured as part of the basic configuration will be the only login credentials at this point. All activities in the Veeam Backup for Salesforce system can be carried out by the national executive. These include, but they don’t stop there.

  • Create layout options.
  • Make storage plans.
  • Keep an eye on storage jobs
  • Make recovery

However, it is not useful to manage Veeam Backup for Salesforce from a second account. This would entail many users using the same account to access the administration server. This raises a variety of difficulties:

  • unable to identify which individual is performing which actions.
  • unable to limit access to particular things or features for particular users.

Veeam Backup for Salesforce is a solution that integrates with Azure Active Directory, allowing you to include groups and / or pre-existing users. Additionally, these users and groups may be given particular assignments to specify the tasks they are capable of carrying out. This is referred to as” Role Based Access Control”( RBAC ). You can give individual and group members working with Veeam Backup for Salesforce four functions:

Role title definition
Administrator you carry out all shape actions as well as backup and restore operations. This function grants users access to all businesses and Salesforce entities that have been added to Veeam Backup for Salesforce.
Operator storage can handle all fix operations, manage the protected information, and create back policies. When giving customers this part, you can restrict their access to businesses and Salesforce organizations.
Operator for Restore can hardly carry out maintain operations. When giving users this part, you can restrict their access to businesses and Salesforce organizations.
Viewer you keep an eye on backup and restore procedures without carrying them out. When giving users this part, you can restrict their access to businesses and Salesforce organizations.
Access is denied directly forbids a particular person or group from managing Veeam Backup for Salesforce

How do you set up Veeam Backup for Amazon to use Azure Activity Directory and RBAC, then? Here are the guidelines you must take to complete it:

  1. With the national administrator account set up as part of the basic setup, access the Veeam Backup for Salesforce administration console.
  2. Take the ensuing actions:
  • In the upper right corner, choose” Configuration.”
  • Choose” Users and Functions.”
  • Choose” Single Sign-On.”
  • ” Enable Azure AD Authentication” should be turned on.
  1. Build Azure Active Directory after logging in to the Azure website.
  1. Create a membership for an game:

When you choose” New Registration ,” you will be asked for the following details:

  1. the title of the register for the game
  2. Choose” Supported Account Types” from the options.
  3. Set up the Redirect URI.
    1. Computer = Type
    2. The URL is listed as the” URL for recall” in the Veeam Backup for Salesforce design.
  1. To grant the game membership permissions using the Microsoft Graph API, follow the steps listed below:

You will now be able to search for or choose the following privileges.

  • GroupMember.Read.All
  • User.Read
  • User.Read.All

As an illustration:

One more crucial or key distinction for the GroupMember. View. Both All and User. View. You will need to” Grant administration consent” for all rights. Only select” Grant administration consent for” from the menu.

  1. You must release the Azure AD identification details in the Veeam Backup for Salesforce cabinet once the game enrollment has been created and the proper rights have been granted:

It will be necessary to update the following areas:

Name of the Field Industry quality and the location to see
Domain the hostname, fully qualified domain title, or IP address with which you will be able to access the Veeam Backup for Salesforce system.
URL for recall based on the website information inputted, automatically generated
ID of the guest the registered Azure AD application’s’s Application( client ) ID.
Card of the Tenant The registered Azure AD application’s’s Directory ( tenant ) ID. can be found in Azure Active Directory’s’s” Properties” glass.
Hidden Worth a secret train that the software uses when requesting tokens to establish its identity. software password is another name for it. can be found and generated in” Certificates & amp, Secrets” or” Customer secrets” for the newly created app registration.

7. You can save and confirm once all the data has been entered:

You can now ascribe roles and add users or user groups!

  1. Within the Salesforce management system Veeam Backup:
  • In the upper right corner, choose” Configuration.”
  • Choose” Users and Functions.”
  • Choose” Add User.”
  • ” Limited users or group” is the option.
  • Choose the appropriate group or users.
  • Choose the appropriate:
    • Company
    • Organization
  • Choose” Delegate Role” from the options.

You are now perfectly set up and prepared to use your Azure AD credentials to log in and process Veeam Backup for Salesforce. Lumber out of the Veeam Backup for Salesforce console to make sure everything is set up correctly. When the password prompt reappears, it does now appear as follows:

That’s’s all there is to it! You can link and use Azure Active Directory in your Veeam Backup for Salesforce implementation by simply following the aforementioned instructions.

%d bloggers like this: