Solved

back up mailboxes from a different domain using the existing Exchange Online pseudo-client.

  • 17 April 2023
  • 2 replies
  • 55 views

Userlevel 3
Badge +13

Hello Community,

The question is about how to back up mailboxes from a different domain using the existing Exchange Online pseudo-client.

According to the CV mailbox discovery log, the process begins:

#1 the process begins by contacting the Azure AD connection details. 
#2 Then, CV identifies the AD cloud region and determines that we are using Exchange Online with an on-premises AD, which is the environment type defined in Commcell. 
#3 The local system account is used for LDAP to discover users from the on-premises AD.

Based on the CV mailbox discovery/backup process, it seems possible to configure the new domain in the existing Exchange Online pseudo-client. if so, can you please check see if the following steps works:

#1 Create a separate Exchange Online service account with exch admin role for the new domain and add it to Commcell Exch online config and  Create a new local system account which used to connect to the new domain if it resides on-premises AD - the new service account is also a member of the local admin for the Exchange Online backup proxies.

#2 Create a new AD group for auto-discovery association in Commcell for the new domain. Once the backup runs, CV should be able to pull users from this new AD group and back them up.

If the new domain is not in the on-premises AD, it may be necessary to create a new pseudo Exchange Online client to protect those mailboxes, correct ?

thank you

icon

Best answer by Orazan 18 April 2023, 11:29

View original

2 replies

Userlevel 6
Badge +15

Good morning.  As long as the Azure AD tenant ID is the same, we should be able to use the same virtual client to backup different domains in Exchange online, so 1 client per Azure tenant.

Userlevel 3
Badge +13

@Orazan  thanks


the current Commcell Exch pesudo client  is using Exchange Online with an on-premises AD. 

To facilitate LDAP user discovery from the on-premises AD, it seems necessary to create a service account specifically for the new domain.

This is because the local system account or service account currently in use is responsible for this function, and without it, connection to LDAP and user discovery from the on-premises AD would be impossible. what you thought?

Reply