Skip to main content

Hi,

I have a question regarding the Graph API permissions for the Azure application that needs to be configured.

It’s related to this topic:

Azure Application API Permissions for M365 Services | Community (commvault.com)

 

Why is it necessary for Commvault to retrieve user list and licenses? And assign the application Directory.Read.All permission? 

 

During my testing, I managed to run a backup from a SharePoint Online site without this permission assigned. However, when attempting to restore back to the SharePoint Online site, it fails. In the Azure Storage account, I can see some items appearing under the container during the restore, but they are deleted after a short while.

 

In the log from the Commvault application server I see the following error message:

Error decrypting password. 

 

Is this error related to missing API permission? Or is it something else? 

The storage account is set up as descripted in documentation.  

Hello @HOFH 

The API permissions required are decided at the initial R&D phase after checking with Microsoft. If there are any advancements, the same is always updated in our documents. If the permissions are not selected as per the document and in case any type of issues occur in future, the first recommendation from support to our customers is to be on the same page with documentation and assign the correct permissions. 

 

For the restore issue, what type of restore are you performing? Could you please attach the whole log for review? Also, may I know the Commvault version you are using?

Best,

Rajiv Singal

@HOFH good day!
During sharepoint online restore directly to O365 we will leverage Azure Storage account for  temporary staging purpose while restore.
we also use default container in recent Feature release by default.
if restore is sucesfully then you can safely ignore traces noticed in logs(cvsprestore.log i assume) , if not would request create a case to review the details of failures for restore job.

Regards
Sujay 

Hello @HOFH 

The API permissions required are decided at the initial R&D phase after checking with Microsoft. If there are any advancements, the same is always updated in our documents. If the permissions are not selected as per the document and in case any type of issues occur in future, the first recommendation from support to our customers is to be on the same page with documentation and assign the correct permissions. 

 

For the restore issue, what type of restore are you performing? Could you please attach the whole log for review? Also, may I know the Commvault version you are using?

Best,

Rajiv Singal

 

Thanks for the reply!

 

I will ask the team working on this to grant all the described permission, and then we'll try again. If any errors occur again, I will create a new case and attach the log.

@HOFH good day!
During sharepoint online restore directly to O365 we will leverage Azure Storage account for  temporary staging purpose while restore.
we also use default container in recent Feature release by default.
if restore is sucesfully then you can safely ignore traces noticed in logs(cvsprestore.log i assume) , if not would request create a case to review the details of failures for restore job.

Regards
Sujay 

Thanks for the reply!

 

I will try to elevate the permissions as described in the documentation and attempt a new restore.

Reply


Terms & ConditionsCookie settings