Active Backup for Microsoft 365 Admin Console

Create backup tasks for Microsoft 365 accounts and monitor the backup status via the admin console of Active Backup for Microsoft 365.

Before You Start

To install Active Backup for Microsoft 365, make sure that your Synology NAS is compatible with the package and that it is running on DSM 6.2 or above.

Create Backup Tasks

To authorize tasks:

Backup tasks require an Azure AD application and a certificate to authorize the access to Microsoft 365 data. Enter the required information to generate your application and certificate.

1. Go to the Task List page and click Create to launch the Task Creation Wizard.
2. Select Create a backup task.
3. Select your Microsoft 365 endpoint type. Enter a strong and memorable password to protect your certificate.
4. Sign in to Microsoft 365 as a global admin. Click Accept if you agree to the permission request.
5. Download and keep your certificate in a secure place.
6. Continue to the next section to customize the task settings.

To customize task settings:

1. Configure the following settings:
   • Task name: Enter a task name.
   • Backup destination: Choose a shared folder from the drop-down menu.
   • Backup list: Click Edit to select backup objects. You can use the magnifying glass icon in the search bar to specify the target account types.
   • Enable Active Backup for Microsoft 365 Portal: Choose whether or not to let users restore data on their own.
2. Specify the account types and the backup scope for auto-discovery, which will automatically include new objects into the backup task. This also applies to users updated to an applicable account type. (Learn more)
3. Set up backup and retention policies:
   • Backup policy:
     • Continuous backup: Based on the API request rate detected from the last backup, backup intervals will be dynamically adjusted from one to ten minutes.
     • Manual backup: Data will be backed up when you manually run the task.
     • Scheduled backup: Data will be backed up based on the schedule you set.
   • Retention policy:
     • Keep all versions
     • Keep previous versions for specified number of days: When a new version is available, the previous version will be preserved for the retention period you set, which has to be between one and 3,650 days.
       For example, when the first backup version is generated on Jan. 1 and the second one on Oct. 1, if the retention period of the task is set to 30 days, it starts from Oct. 1 and ends on Oct. 30. Therefore, the first version will be deleted on Oct. 31.
4. Check the task summary and click Apply to finish the task creation.

Relink Backup Tasks

To relink a backup task:

1. Go to the Task List and click Create to launch the Task Creation Wizard.
2. Select Relink an existing backup task and click Next.
3. Select the task you wish to relink and click Apply.
4. Once the task is relinked, it will appear on the Task List.

Manage Backup Tasks

On the Task List, you can manage all the tasks using the upper toolbar.

To manage a backup task:

1. Select the backup task you wish to edit and click Edit.
2. At the General tab, you can perform the following:
   • View the Microsoft 365 endpoint, domain administrator email address, and SharePoint domain name.
   • Modify the task name.
   • Enable or disable the Active Backup for Microsoft 365 Portal.
   • Manage the Azure AD application used for the task.
3. At the Auto-Discovery Service tab, you can specify the applicable account types or edit the target services.
4. At the Policy tab, you can configure backup and retention policies.

To edit users to back up:

1. Select a backup task and click Edit > User.
2. You can click Update Microsoft 365 User List to load the latest list.
3. Use the magnifying glass icon in the search bar to specify the target account types. You can click Reset to clear the criteria.
4. Tick the checkboxes of the users or services you wish to back up.

To edit groups to back up:

1. Select a backup task and click Edit > Group.
2. You can click Update Group List to load the latest list.
3. Filter different group types using the drop-down menu.
4. Tick the checkboxes of the groups or services you wish to back up.
   Limitation: Private groups without any owners and members cannot be backed up.

To edit sites to back up:

1. Select a backup task and click Edit > SharePoint.
2. You can click Update Site List to load the latest list.
3. Select Site or Personal Site from the drop-down menu.
4. Tick the checkboxes of the sites to back up.

To edit teams to back up:

Important: Team data belongs to sensitive data, which needs additional validation. For the first-time backup of teams, you will be required to apply for data access to Microsoft Teams.

1. Select a backup task and click Edit > Teams.
2. You can click Update Team List to load the latest list.
3. Tick the checkboxes of the teams to back up.

To delete a task:

1. Select a backup task and click More > Delete task.
2. Choose whether or not to also delete the backup data.
3. Click Delete.

To free up space using Storage Management:

1. Select a backup task and click More > Storage Management.
2. Switch to the corresponding tabs. Select the target users, groups, sites, or teams and click Delete.
3. Do the following according to the object type:
   • Users: Specify the service types to delete.
   • Microsoft 365 groups: Specify the service types to delete and choose whether or not to delete the member data.
   • Security/Distribution list/Mail-enabled security groups: Group member data will be deleted. Check the notes before ticking the confirmation checkbox.
   • Sites: Confirm the sites to delete.
   • Teams: Confirm the teams to delete.
4. Click Delete to start the deletion. Deleted data will be removed from the backup list.

Configure package settings

On the Settings page, you can set up concurrent backup limits and delegate user privileges.

General

You can restrict the bandwidth consumption of backup jobs by setting a limit to concurrent backups. The actual maximum number depends on the RAM capacity of your Synology NAS.

To specify the maximum number of accounts or files for concurrent backups:

1. Go to Settings > General.
2. Enter the maximum number of accounts or files to back up simultaneously. The allowed value ranges from 5 to 60.
   The maximum values based on the RAM capacity are:
   • 2 GB or less: 20
   • 2 GB - 4 GB: 40
   • 4 GB - 16 GB: 50
   • 16 GB or more: 60
   Keep in mind that a higher value may affect backup performance due to Microsoft throttling limits.
3. Click Apply to save the settings.

User Delegation

You can delegate management or operation privileges to non-admin users, allowing them to back up, restore, or delete data. Doing this can help ease the administrative burden and enhance the management efficiency.

To delegate privileges to one or more users:

1. On the User Delegation tab, click Add.
2. Select one or more users from the User drop-down menu. You can search for users by keyword.
3. Choose between Manager and Operator.
   • Managers have full package privileges.
   • Operators can be assigned specific privileges. Refer to the following table for details:

     	Privileges	Sub-Privileges
     Backup	Has access to the admin console Can create and edit backup tasks Can relink backup tasks Can trigger and cancel backups Can view backup details Can modify package settings	Can delete data Delete backup tasks Delete backup data through Storage Management
     Restore	Has access to the recovery portal Can restore backup data for all users and sites	Can preview and export data Preview content Export data to local devices
     		Can change restore destination Restore data to another user account or site

4. Click Add to finish the settings.

To edit user privileges:

1. Select one or more users and click Edit to modify their privileges.
2. Click Save to update the settings.

To remove user privileges:

1. Select one or more users and click Remove.
2. Confirm the action by clicking Remove.

View Task Information

Overview

On the Overview page, you can monitor the following information:

• Protected Service: The number of objects protected in each service.
• Backup Summary: The summary of all the backup activities in the past 35 days, including the backup status and the number of backup activities on each day. Check detailed logs by clicking on any of the following status icons:
  • - No backup history
  • - Upcoming backup
  • - Success
  • - Warning
  • - Error
• Activities: Current backup and restoration activities. You will be redirected to the Activities page when clicking on the arrow icon in the upper-right corner.
• Log: Recent logs. You will be redirected to the Log page when clicking on the arrow icon in the upper-right corner.
• Service Usage: The total storage space consumed by each service.
• Usage: The amount of storage space consumed by the users, groups, sites, or teams that have used the most capacity.
• Transferred Size: The transferred size of each task displayed by Day/Hour.

Task List

On the Task List page, you can see a list of all the backup tasks along with the following statuses:

• Successfully completed: All items are backed up.
• Completed with skipped items: The backup is complete but some items cannot be backed up. Click Attention to check the details.
• Canceled: The backup is canceled by an administrator.
• Failed: No items are backed up.

You can expand a task to find the following information:

• Tasks that are currently running: The elapsed time and backup items along with the usage consumption and statuses.
• Tasks that are complete: The last backup time, task results, and backup items along with the usage consumption and statuses.

On the menu of each backup task, you may see the following icons:

• - Success
• - Warning
• - Error
• - No items selected for backup
• - Preparing for backup
• - Ready for backup

Activities

You can perform the following on the Activities page:

• Monitor current backups and restorations:
  • Backups: The backup policy, elapsed time, and progress of each running backup.
  • Restorations: The elapsed time and progress of each running restoration as well as the account that executes a restoration.
• Quit a running task by clicking Cancel. Note that any tasks with the continuous backup policy applied cannot be canceled.

Log

The Log page helps you keep track of backup tasks. You can view all the logs or use filters to search for the logs of a certain task.

To search through log records with a filter:

1. Click the magnifying glass icon in the search bar on the upper right.
2. From the drop-down menu, filter events by:
   • Keyword: Enter the keyword you wish to search for.
   • Category: Select the category of the events you wish to view.
   • Level: Select the level of the events you wish to view.
   • Date: Enter a start and end date to find logs created within a specific period.
3. Click Reset to reset the filter.

To view log details:

Select a log and click the arrow icon on the right-hand side to view the detailed logs.

• For a backup activity, you can view the following information in the pop-up window:
  • Status: The duration, transferred size, and status of each object. Select an object type from the drop-down menu to view the statuses.
  • Log: Detailed logs about each service. Select a service from the drop-down menu to view the logs.
• For a restoration activity, you can view the following information in the pop-up window:
  • Restore Information: The source and destination account, duration, transferred size, etc.
  • Log: Detailed logs about the restoration process.

To export logs:

Click Export on the upper bar to download all the logs into a CSV file. If you want to export logs that match a specific condition, click the magnifier icon in the search bar to set the criteria.

Detailed Task Information

To view the statuses and logs of a task:

1. Select a backup task from the Task List and click Details.
2. In the Details window, you can view the following information:
   • Status: The last backup time and status of each backup object. Select an object type from the drop-down menu to view the statuses.
     Objects with a blue dot on the left-hand side are the ones that have been processed in the latest backup run.
   • Log: Detailed logs about the service selected from the drop-down menu.

Manage Notification Services

To enable notification services:

Go to DSM > Control Panel > Notification to configure the settings for the selected method: emails, SMS, or push services.

To manage events for notification:

Go to DSM > Control Panel > Notification > Advanced to configure the settings for the events you wish to be notified of.

By default, you will receive desktop notifications whenever a backup completes, fails, or is canceled. The only exception is that you won't receive notifications when a continuous backup completes, in case constant notifications might distract you from important issues.

Limitations

Some objects are not backup-compatible or will not be backed up under certain circumstances. The following lists the Microsoft 365 objects that cannot be backed up:

OneDrive

• Files and folders with names or paths that contain "#SynoVersionRepo", "#SynoRepo", or "#SynoVersions"
• Files and folders with DSM paths longer than 4,016 characters
• Files and folders with names that exceed 255 characters on the backup destination
• Files and folders with names that exceed 143 characters on an encrypted backup destination
• Files and folders stored in Shared with me

Mail

• Public folder mailboxes and on-premises Exchange mailboxes
  Refer to the table below for details:

  Mailbox type	Support status
  User mailbox	O
  Shared mailbox	O
  Archive mailbox	O
  Resource mailbox	O
  Site mailbox	O
  Public folder mailbox	X
  On-premises Exchange mailbox	X

• To Do in Outlook
• Reference attachments: Links to folders or files on OneDrive for Business or other supported storage locations. These are often attached to events, messages, Outlook tasks, or posts
• Mails in the Deleted folder when there are any contacts or calendars within the folder
• Notes

Contacts

• All contacts other than Your contacts (for example: folder structures, Groups, and Directory)
• Contact lists in Outlook People
• Contacts in the Deleted folder

Calendar

• Calendar events earlier than 1970/01/01 or after 2070/01/01
• Calendar folder structures: All calendars will be shown under the All Calendar folder
• Calendars in the Deleted folder
• Calendar events shared from other calendars

SharePoint

• Permission settings of SharePoint sites, while those of document libraries can be backed up
• Unsearchable SharePoint sites (How to make a site searchable)
• Two types of columns: Lookup and Person or Group
• Survey Options in surveys
• User interface elements in a non-default language on SharePoint sites, including titles and descriptions of sites, lists, and columns
• The following settings of lists and document libraries:
  • Document Version History (document library only)
  • Item Version History (list only)
  • Document Template (document library only)
  • Opening Documents in the Browser (document library only)
  • Custom Send to Destination (document library only)
  • Site Assets Library (document library only)
  • Dialogs
  • Automatic Index Management
  • Validation Settings
  • Audience Targeting Settings
  • Rating Settings
  • RSS Settings
  • Content Types

Teams

• The following settings of public teams and channels:
  • Team pictures
  • Team codes
  • Tags
  • Apps that are not stored in SharePoint (e.g., Survey)
  • Analytics
• Private channel settings
• 1-on-1 chat
• Teams in Microsoft 365 operated by 21Vianet