Solved

Exchange Online: access node member of domain (?)

  • 1 April 2021
  • 2 replies
  • 264 views

Userlevel 2
Badge +8

Hi,

I want to backup Exchange Online using an on-premises Active Directory environment:

Does anyone know why the access node needs to be “member of the domain”? As the Exchange Online service account “must be created in Microsoft Azure AD only” (https://documentation.commvault.com/11.23/expert/28853_assigning_full_access_to_service_accounts_for_exchange_online_through_on_premises_active_directory.html)?

Why can it not be “any domain”? Why can I not access the Exchange Online data just with the service account? We have a setup that makes an access node that is “member of the domain” a bit difficult, as our CommCell serves more than one O365 environment.

Thanks!

icon

Best answer by Jason Sherry 1 April 2021, 18:46

View original

2 replies

Userlevel 2
Badge +6

Hi,

For that configuration you actually need 2 accounts one local and the other an online account.  The local account is to query local AD and the other to query azure.

If you have to use an access node not in the domain you are backing up, I would suggest using the Exchange Online (Access through azure active directory) configuration. 

https://documentation.commvault.com/11.23/essential/93446_exchange_mailbox_user_mailbox_exchange_online_through_azure_active_directory_environment.html

Thanks,
Chris

 

Userlevel 4
Badge +5

I do not know the answer to you direct question, I assume this support is here for some special case. Using this option the Access node must be domain joined, same for Hybrid configuration, and authentication is done against the on-prem domain controllers I assume, before connecting to EXO. 

 

If you only plan to backup EXO based mailboxes, the best option is to go with Exchange Online (Access Through Azure AD). It also best to configure this support through the Command Center Console (web) vs the Java\CommCell console, since that is where development is focused moving forward.

The CCC has an “Create Exchange Online app” wizard that makes the setup much easier:

 

Using the Java\CommCell console the steps for setting up EXO support using Azure AD only are here:

Configurations for the Exchange Mailbox Agent User Mailbox Exchange Online(Through Azure Active Directory) Environment (CommCell Console) (commvault.com)

Reply