Carbonite Backup O365
Introduction
What sets Carbonite Backup for Microsoft 365 apart?
Carbonite Backup for Microsoft 365 is a complete cloud-to-cloud backup for Microsoft 365. The data is hosted in Microsoft Azure.
Carbonite Backup for Microsoft 365 offers backup features for the entire Microsoft 365 suite, such as Exchange Online, OneDrive for Business, SharePoint Online,
Microsoft 365 Groups, Teams, Project Online, Public Folders and Yammer to protect your data. These types of objects are backed up and restored independently.
You can carry out your backups automatically up to four times per day. Carbonite Backup for Microsoft 365 allows you to rollback at the site level
or restore individual items such as mailboxes, conversations and files.
Why do you need a backup for Microsoft 365?
- Protect your Microsoft 365 data from accidental deletion
- Protection against data loss caused by malware
- Gaps in retention policies
- Reduce data loss and optimize recovery times
- Microsoft does not provide data backup
Management Portals
Carbonite Backup for Microsoft 365 consists of three areas for managing your backups of Microsoft 365 object types. The three areas are as follows:
- Partner Portal
- Customer Portal
- Endpoint Portal
1.) Partner Portal
In the Partner Portal you invite your end customer tenants to Carbonite Backup for Microsoft 365. Furthermore you have
In the partner portal you have the option of reporting reports such as a storage consumption report or the job status of all backups
of your end customers. In the partner portal you have an overview of the end customers you need to secure.
2.) Customer Portal
The Customer Portal is operated at tenant level and in this area you can make general configurations such as
configure an authentication method or a scan profile (comparable to a backup job). The Customer Portal
is generally considered a configuration portal.
3.) Endpoint Portal
In the Endpoint Portal you can monitor your backups and perform restores/exports. Email notifications
for your backup jobs are also configured in the Endpoint Portal.
=== Supported browsers
- Internet Explorer (IE11)
- Google Chrome (latest version)
- Mozilla Firefox (latest version)
- Safari (latest version)
- Microsoft Edge (latest version)
Initial setup at first glance
You can use the quick start guide to carry out the first three steps of the initial setup: Quick Guide Link
The manual setup process in Carbonite Backup for Microsoft 365 is as follows:
1.) In the first step you have to add the tenant to Carbonite Backup for Microsoft 365 in the Partner Portal. Further information can be found at: Partner Portal
2.) In the second step you must configure an authentication method in the customer portal. You have the option to configure an app profile or a service account.
Further information about the app profile can be found under the following Link.
Further information about the service account can be found at the following Link.
Basically, you need to configure an authentication method because Microsoft closes a session after 24 hours for security reasons.
Carbonite must therefore receive permission to access M365 data from Microsoft every 24 hours. So that you don't have to authenticate yourself manually every 24 hours
two authentication methods have been implemented. Further information about the authentication methods can be found at the following methods Link.
3.) After configuring the authentication method, you must also configure a so-called scan profile in the customer portal.
In the scan profile, you specify which object types you want to secure from the tenant and assign the authentication method to the scan profile.
Further information about the scan profile can be found at the following Link.
4.) Finally, in the Endpoint Portal you must configure the desired schedules per object type and an email notification in the event of failed backups, for example.
Further information about configuring the schedules can be found at the following Link.
Further information on configuring email notifications can be found at the following Link.
Which objects from the M365 applications are supported or secured?
To find out whether your desired elements are supported, please refer to the links listed below from the manufacturer's knowledge base:
Quick Start Guide
Step 1: Activation link
Navigate to the following window by clicking on Carbonite's confirmation link after completing your order in the Cloud Center.
Please enter your password for your master account in Carbonite Backup for Microsoft 365.
https://backupoffice365.carbonite.com/partnerlogin
Step 2: Login to the Partner Portal
After you have assigned your password for the master account and accepted the license terms, you will be automatically redirected to the homepage of your partner portal:
Step 3: Invite a new customer tenant
First navigate to the customer directory to add a new end customer tenant.
Further information can be found in the following wiki article.
Step 4: Configure notifications
For the initial setup, we recommend that you configure email notifications for failed backups.
This is described in the following wiki article.
Partner Portal
Dashboard
To view more detailed information about the backup status of your invited tenants, please navigate to the Directory Customer Directory.
The individual numbered widgets in the NextGen Dashboard are explained below:
1.) Number of failed backups and number of customers with failed backups
2.) Number of invited customer tenants
3.) Number of newly invited customer tenants in the last 7 days
4.) Storage type of invited customers. Our license model only includes the “Carbonite” storage type.
5.) Display of the data usage in the respective storage type. Please note that the Carbonite storage used in the respective data center is not relevant to the bill!
6.) It is possible to pin customers who are in the customer directory to the dashboard.
7.) Analysis of unusual activities => Ramsonware detection of OneDrive data in your secured tenants.
Customer directory
In the Partner Portal you can add and manage your customers to Carbonite Backup for Microsoft 365 via the “Customer Directory” tab.
1.) Click on the organization name to access the tenant overview. There you can, among other things, view the status of the secured tenant and, among other things, [1]adjust the license status.
2.) By clicking on the registered global administrator you will go directly to the customer portal of the respective tenant.
3.) Status of the last scan and backup process.
4.) By clicking on the lines of a customer tenant you can select which portal you would like to access.
Carbonite Backup for Microsft 365 -> Endpoint Portal
Carbonite Cloud Backup Admin -> Customer Portal
5.) Click on the three dots to open the options menu for the respective tenant.
6.) By clicking on “Reports” you can export two different reports. Further information can be found in the following article:
Export consumption data or reports
7.) Invite new end customer tenant.
Invite new tenant
To add a tenant to Carbonite Backup for Microsoft 365, please navigate to the "Customer Directory" tab in the Partner Portal.
Then please click on “New Onboard Client” at the top right. In this step you have the following two options:
- Invite the tenant with the global administrator
- Invite the tenant with a local user
- Invitation via an authorization link
We expressly recommend that you invite your desired end customer tenant with the global administrator, as an app profile can be automatically configured for the initial setup.
Further information about an app profile can be found under the following Link.
Step 1
In the first section, you will need to provide general account information, as well as the desired target data center to which you want your Microsoft 365 environment data to be backed up.
Please note that the selected data center cannot be changed afterwards. The data is backed up in a wider area in Microsoft data centers.
These are also replicated in another data center so that you have two backup copies available.
You can find an overview of Microsoft data centers at the following link:
https://azure.microsoft.com/de-de/global-infrastructure/geographies/
Step 2
You must then add the Carbonite Backup for Microsoft 365 service to the end customer organization. In this step you add a backup license to the tenant. Please click "Next".
Step 3
The next step is to provide the license information.
1. To assign a full backup license to the end customer tenant, select the "Subscription" license type. With a test license you only have the option of securing up to 5 users of a tenant.
2. Only "Unlimited Users" can be specified under the "Subscription Model" field. Since Carbonite Backup for Microsoft 365 has a storage-based licensing model, the number of users is not limited.
3. The license model provides for the exclusive use of Carbonite's storage. Selecting a custom storage is currently not possible.
4. Furthermore, you can only keep your data for up to one year.
5. Please set the license expiration date to a desired date. The maximum date of the license is related to your MSP license (partner license in Carbonite Backup for M365). As a rule, this is the day of the invitation plus 7 years.
- You can view your partner license under the “Reports” tab and then “License usage”.
- You can find further information about the license expiration date here.
IMPORTANT: If the expiration date is reached, backups and restores will no longer be possible.
You then have a maximum of 60 days to extend the expiry date! Generally, you will be notified 30 days before the license expiration date.
Then click on “Next”.
Step 4
In the fourth step of inviting the end customer tenant, please check the data you provided. Please click "Finish and start service".
Step 5
In the last step, everything is listed again which object types/applications will be scanned and backed up after the services are started.
Optionally, you can also have the archived mailboxes scanned. To do this, click on the checkbox and then click “Start”.
Next, you will be asked to accept the Carbonite for M365 subscription agreement.
The setup is now complete!!!'
You can now view the scan profile created using the wizard under Scanprofile. An “auto discovery” of the objects is automatically started when the services are started.
The objects found are then stored in so-called containers, which are also automatically saved in the backups in the Endpoint Portal.
Edit license information / subscription
If you hover over the Products & Licenses field in the tenant overview, three dots will appear.
With one click you get to the “Edit license” menu.
The license expiration date determines how long you want to offer the product to your end customer. We recommend that you select a date in the future. See example:
If your end customer is considering canceling the product from you as a specialist retailer, they can click on “Expiry now”. The date is then set to today.
Further information can be found here here.
Please note that once the date is reached, neither backups nor restores are possible! As a rule, you will be notified in good time
If you cancel the product with us in the TERRA Cloud Center or delete the tenant in the Partner Portal, the license expiration date will be set to the day of this action (termination/deletion in the portal).
Your backup data will be retained for a maximum of 60 days after the license expiry date is reached.
If you have made any changes, please press Save.
Export consumption data or reports
By clicking on “Reports” in the customer directory, you can export two different reports. Customer information including consumption information such as: the protected capacity and backup job information such as status etc.
By clicking on "Export now" you have the option of exporting the current consumption status of your invited tenants as an xlsx (Excel) file.
Alternatively, you can configure a schedule and have a consumption report sent to you either daily, weekly or monthly.
Attached is an excerpt from the exported report from our test access. Please note that only the protected capacity is relevant to your bill.
In this case you would have a total of 28 GB and you would only be charged for one package (100GB).
Reports
Above the “Reports” tab you can see the following report options:
Customer Operations:
The Customer Operations Report page shows a summary of all customers, sorted by online services. You can click on a service card to view the summary details.
License Usage:
To view the license usage report, go to the Reports page and click License Usage. The current user's license information is displayed in the current usage tab.
Memory Usage:
The Storage Usage Report page displays a summary of all customers sorted by data amount.
User Activity:
You can check the activity report to view user activity for the selected month.
This report is similar to an audit log for Partner Portal users, documenting all changes in the Partner Portal.
Insight:
To access insight reports, go to the Reports page and click Insight Report.
Custom:
You can create custom reports using “Create Report”.
Custom Reports
In the dashboard you have the option to add custom reports to your dashboard. If licenses have expired, no backups can be carried out for the tenant.
For this reason, we recommend that you attach a license status report to the dashboard.
Basically you can configure a custom report using the following values:
- Service, Country or Region, License Type, License Status, License Model, Organization, Tagging, Retention, User Seats Purchased, Capacity Purchased, Microsoft 365 Licenses Assigned,
protected capacity or storage type
You can display the reports as a pie chart, line chart or column chart. Additionally, you can configure the report as an email notification.
Export reports
If necessary, you can send a time-based report about the export settings to a recipient by email:
1.) Check “Export report on a schedule”.
2.) Then please click on “Configure export settings”.
3.) Please enter your desired interval under “Frequency”. You have the option to send the report daily, weekly and monthly.
4.) Under file type you can only select “Excel workbook”.
5.) Enter a desired date under start time.
6.) You also have the option to configure an end date for the email notification.
7.) In the last step you must enter the desired email addresses to which the report should be sent. For additional email addresses, please ensure that you separate the email addresses with a silicon colon.
8.) Then please click on “Save”.
Show protected capacity in report
To receive a separate report on the billing-relevant "Protected Capacity", first navigate to the dashboard in the Partner Portal and click on "Add custom report" in the top right corner
Alternatively, you can configure a report in the Partner Portal under the "Reports" tab and then at the top left under "Create report":
IMPORTANT: Please note that the consumption overview is only updated approx. 24 hours after a backup.
1.) In the first step, please enter a name for the report. The “Description” field is not a mandatory field
2.) In the second step, please add a report part.
3.) First select a desired name for the report part.
4.) In the next section, please use the “pie chart” template for a better overview
5.) If only some of the end customer tenants should be added to the report, you have the option to filter by organization using the data filter and select the desired tenants.
6.) “Protected Capacity” must be selected under the legend source
7.) Please then click on “Save”.
Settings
System Settings
You can customize system options, manage users, configure notification settings, and manage customer feedback in the Partner Portal.
1.) General Settings allows Carbonite Backup for Microsoft 365 partners to configure the time zone, date or time display format, and a session timeout for their tenant.
2.) Create markers or tags to categorize the invited customers. You can tag customers when inviting or editing customer accounts, and filter by tags in the customer directory.
3.) It is possible to configure additional storage targets in the storage profile settings. Since this is not possible or provided for in our license model, this is fundamentally irrelevant.
4.) If some of your customers use the Carbonite Backup for Microsoft 365 service, you can configure insight rules in this portal to dynamically view the status of jobs
- Monitor object registration and Microsoft 365 backup jobs for customers. You can view all insight reports under Reports > Insights Report.
5.) You can activate and configure trusted IP addresses.
Account Management
1.) In this area you can create a new user for the Partner Portal.
Select login method - Select the login method from the drop-down list:
Local User - The local system checks the user's credentials.
Microsoft 365 User/Group - Microsoft 365 users and groups become Carbonite Cloud Backup Partner Portal users.
- You can use your Microsoft 365 login IDs to log in to the Carbonite Cloud Backup Partner Portal.
App Profile - This option only appears if Microsoft 365 User/Group is selected as the sign-in method.
An app profile is required to add or verify Microsoft 365 users/group users.
Select a previously configured app profile or click New App Profile. Further information can be found here here.
For Microsoft 365 users/groups, enter the Microsoft 365 login or Microsoft 365 group names.
If the Microsoft 365 group consists of nested groups, Carbonite Cloud Backup Partner Portal only adds users to the first five levels.
If you select Microsoft 365 User/Group as your sign-in method, you can enter or select All, which includes all available users in your Microsoft 365 tenant's Azure AD. (Not recommended)
If you select "Everyone" as a Carbonite Cloud Backup Partner Portal user, those users can log in to the Carbonite Cloud Backup Partner Portal and perform the corresponding actions according to the permissions of the groups to which the users were added.
You can also use the Browse or Search button to view the users or groups within the selected profile, and then select the users or groups you want.
Finally, click Save to save your configurations or Cancel to return to the User Management page without saving the configurations.
After successfully adding a user, they will receive an invitation email containing the user ID. The user needs to activate the account and set the password.
2.) If necessary, in the role settings you can configure various rights for users for the Partner Portal who, for example, should not be administrators.
3.) Under Customer groups you can configure groups if you want to divide your customers.
Notification settings in the Partner Portal
1.) After a user or customer is invited into the system, Carbonite Backup for Microsoft 365 Admin for Partners sends an email to the user or customer using the standard invitation email template.
2.) There is a built-in user invitation template and a built-in customer invitation template.
You can create customized invitation email templates and set them as default templates.
3.) See article below Jobnotification Profile
4.) If you want to send invoice reports to customers, you need to configure invoice profiles.
Invoice profiles allow you to add invoice information, discount information, and customize the frequency of sending invoice reports.
Job Alert Profile
The possible errors in the scan or in the backup can be sent automatically by email or via job notification profile.
The notification profile can be set up via the Partner Portal. To do this you need to navigate to Settings->Notification Settings->Job Alert Profile and then create a profile.
1. Profile name
2. + 3. Backup and/or AutoDiscovery
4. Name of the recipient
5. Which status should be sent as an email?
6. Save
Then go back to the customer directory and then click on the three dots.
Then click on notification settings and select the profile you created.
Additionally
App profile settings in the partner portal
Under Additional > App Management, click Create.
Choose a profile name (this can be adjusted later), log in as a Microsoft 365 user and grant the appropriate permissions.
Click OK to continue. Next, enter the sign-in ID and password for a Microsoft 365 Global Administrator account, then click Sign in.
This account will be added to the built-in Administrators group if the account does not already exist in the Carbonite Cloud Backup partner portal.
Review the permissions required for the Carbonite Cloud Backup Partner Portal and click Accept to continue.
Analysis of unusual activities
Unusual activities (orange line) are intended to catch malicious activities or ransomware attacks that do not obviously directly encrypt files (e.g., those that copy files, change names/encrypt, and delete the original file).
However, this is not a perfect system for detecting activity as daily traffic may change and appear unusual.
For example, you could initiate a migration of a number of users, or have a user perform a cleanup of their OneDrive during their work day.
It may be normal for a user to make changes that do not correspond to their everyday patterns.
While you should be aware that these changes are occurring, you probably do not need to respond to every report of unusual activity.
Machine learning algorithms detect unusual activity and potential ransomware attacks in OneDrive for Business from one backup to the next.
These heuristics take approximately 12 days to establish a baseline. Our tracking checks the last 30 days to show trends.
We notify administrators if backups within the last 24 hours are suspicious due to their change rates (from a copy -> encrypt -> delete attack) or their encryption status.
Additionally, it takes about a month for the feature to come online, but during that month a baseline is established for the incoming and outgoing data and any changes to the backed up files.
With this baseline, the feature will alert the customer if something occurs outside of this baseline.
Suppose the baseline detects that users typically upload fewer than 100 files on a given day.
At some point we notice that a user has uploaded hundreds of file changes in a day. Since this is outside the norm, the administrator will receive an alert informing them of this change in behavior.
It could be harmless and the user just added a new client file with lots of documents to upload.
It could also mean that the user's local OneDrive files have been encrypted due to a virus and now all of the user's files are showing as modified.
The client should respond by reviewing the alert and responding accordingly. If it's just a big new client, don't do anything.
If all of the user's files are encrypted, clean the computer locally, remove the files from the user's OneDrive, and restore the backup to the original location from the backup before the files were encrypted.
If a ransomware case occurs (red line), the following knowledge base article from Carbonite will help you:
https://support.carbonite.com/endpoint/articles/Carbonite-Backup-for-Microsoft-365-Ransomware-Detection
Customer Portal
The Customer Portal is operated at the tenant level and is considered a general configuration portal.
The most important functions in the Customer Portal are, on the one hand, the two authentication methods “App Profile” and “Service Account” and, on the other hand, the “Scan Profile”.
How do I get there?
There are several ways to get to the customer portal. Basically, Carbonite's Customer Portal is also called Cloud Backup Admin.
or
Administration
Tenant Management
Tenant management is intended to make it easier for the end user to set up backups to connect to the correct tenant.
If you see the message "New connection recommended" behind the tenant name, please select the tenant and then click Reconnect!
App management
An app profile can authenticate your Microsoft 365 tenant for Carbonite Backup for Microsoft 365 without requiring the Microsoft 365 account username and password.
An app token' is used for security and administration. The app profile is required for dynamic object registration to scan object types in the Microsoft 365 environment
and then implement the object types into Carbonite Backup for Microsoft 365. Due to Microsoft API restrictions, the app profile contains restrictions.
Please note that the button is only there for authorization and runs in the background.
Creating an app profile
1.) You have the option to authenticate your Microsoft 365 environment in the app profile using the global administrator. You can grant SharePoint Online and Exchange Online permissions to the app profile. If you are not logged in with a global administrator, please click “Log out and use another account”.
First select the service and click "Next".
Choose between classic or modern mode. Both modes lead to the same result.
1. The classic mode (Recommended)
Required: Select Microsoft 365 (All permissions) and grant Carbonite Backup for M365 permission to search the customer's M365 Services for items to back up.
Optional: Select Yammer to grant Carbonite Backup for M365 permission to search the customer's Yammer Services for items to back up.
Recommended: Select Delegated App and give Carbonite Backup for M365 permission to scan the following services using AutoDiscovery:
2. The modern mode
This mode is recommended if you do not have or want to specify a global administrator, but separate administrators for the Exchange, SharePoint, etc. applications in the tenant.
To do this, give your consent for the Carbonite backup for M365 of the respective application.
You can also integrate your Azure app into Carbonite Backup Microsoft 365.
Further information can be found at the following link:
https://docs.microsoft.com/en-us/azure/active-directory/develop/active-directory-how-applications-are-added#who-has-permission-to-add-applications-to-my- azure-ad-instance
- The next step is to accept the permissions for the account you are authenticating with. You will be redirected automatically.
- After you have created one or more app profiles, the scanning profile will automatically use this authentication.
Service Account
A service account is another authentication method to integrate your Microsoft 365 tenant with Carbonite Backup Microsoft 365.
Basically, the Microsoft 365 account credentials are used in the profile and requested from Microsoft according to a configured schedule. If the password changes at the M365 level, re-authorization will be necessary.
We recommend that you use the service account for the "Project Online" object type.
However, a service account must be authenticated by a Global Administrator, SharePoint Online Administrator, or Exchange Online Administrator account.
Please note that an M365 license is also required for the user specified there.
The service account is also used for dynamic object registration to scan the object types of your Microsoft 365 environment and implement them into Carbonite Backup Microsoft 365.
Creating a service account
1.) We recommend that you specify the object types to be backed up under the profile names for a better overview.
You also have the option to specify your SharePoint URL and use email notifications.
Functional overview of authentication methods
Basically, you can refer to the following functional overview to check which licenses are required for which users (roles) in order to be able to fully use Carbonite Backup for M365
In the diagram, the User account (M365 user or Seat) is distinguished from the Global Administrator role.
| Object type | Authentication method | Required roles/permissions | Required license in M365 | |
|---|---|---|---|---|
| Exchange Online Mailboxes | App profile | Exchange Online rights | ||
| Service account | Exchange Online Administrator | To scan mailboxes, the User account must have the Exchange Online product license assigned to it in Microsoft 365. | ||
| OneDrive for Business * | App profile | Sharepoint Online rights | ||
| Service account | SharePoint Online Administrator | |||
| SharePoint Online Site Collection * | App profile | Sharepoint Online rights | ||
| Service account | SharePoint Online Administrator | |||
| Microsoft 365 Group | Microsoft 365 Group | App profile | All rights | If you want to secure or manage Microsoft 365 Groups, the Microsoft 365 Global Administrator' used to create the app profile must have the Exchange Online Product License in Microsoft 365. |
| Service account | SharePoint Online Administrator and Exchange Online Administrator | If you want to secure or manage Microsoft 365 Groups, the 'user account' must have the Exchange Online product license assigned in Microsoft 365. | ||
| Microsoft Teams | App profile | All rights | ||
| Service account | The user account must be an owner or member of scanned teams. | To back up and restore Teams, the user account must have the Microsoft Teams product license assigned to it in Microsoft 365. | ||
| Microsoft Teams Chat | Only supported with custom Azure app profile | User.Read.All: Get the user profiles of Microsoft 365 users Chat.Read.All: Back up Teams chat messages (user-to-user). |
Further information about MS Teams Chat backup can be found in the following Wiki article | |
| Microsoft Planner | App profile | Only possible with a “Delegated Microsoft App Profile”. Further information can be found at here | To back up and restore Planner, the user account must have the Microsoft Planner product license assigned in Microsoft 365. Note: If the If a delegated app is used for authentication, the delegated app's authentication user must have a Teams license assigned. If the Cloud Backup for M365 service uses this app to protect Planner data, the authenticating user must have an Exchange license. | |
| Service account | The user account must be both an owner and a member of scanned Microsoft 365 Groups and Teams. | To back up and restore Planner, the 'user account' must have the Microsoft Planner product license assigned in Microsoft 365. | ||
| Project Online Site Collection | App profile | Unsupported | Unsupported | |
| Service account | SharePoint Online Administrator | To scan and backup Project Online site collection, the user account must have the Project Online product license assigned in Microsoft 365. | ||
| Exchange Online Public Folders | App profile | Exchange Online rights | Scanning and backing up Exchange Online public folders requires that the 'Microsoft 365 Global Administrator' used to create the application profile has the Exchange Online Product License in Microsoft 365. | |
| Service account | Exchange Online Administrator | To scan and back up public Exchange Online folders, the user account must have the Exchange Online product license assigned to it in Microsoft 365. | ||
* Note: When Carbonite Cloud Backup Admin scans SharePoint Online Site Collection and OneDrive for Business, it checks whether the Microsoft 365 account specified in the corresponding service account/app profile already Has Site Collection Administrator permission for Site Collection and OneDrive for Business. If the Microsoft 365 account does not have this permission,
Carbonite Cloud Backup Admin assigns Site Collection Administrator permission to this account so that Carbonite Cloud Backup Admin can get the required properties,
used by Auto-Discovery and other Carbonite services. Once the scanning and filtering process is complete, this account will be granted Site Collection Administrator permission
for the object will be revoked if the object is not added to a dynamic Container.
User management
Create user
1.) You have the option to add a local user or user from a tenant.
2.) If you select the Microsoft 365 User/Group option, you must select the Microsoft 365 Tenant.
3.) Under “Add user” you can enter the user’s email address.
4.) Please select the user's role. More about this in the following Roles article
5.) If you select “Tenant user”, you have the option of creating the tenant user as a standard user or application administrator.
User Roles
- Tenant Owner:
This is the user whose account was used to sign in to Carbonite Backup for Microsoft 365 Admin.
There is only one tenant owner per Carbonite Backup for Microsoft 365 Admin Tenant. As a tenant owner you can carry out the following actions:
- Access to online services (if there are available licenses)
- View license information
- Apply promotional codes
- Manage users
- App profile management
- Service account profile management
- Manage automatic discovery
- Encryption profile management
- Enable report data collection
- Export user activity report
- Configure email recipient lists
- Activate integration with SCOM
- Enable trusted IP address settings
- Configure session timeout duration
- Download a list of reserved IP addresses
- Send feedback
- Edit personal profile information
- Service Administrator:
The tenant owner or another service administrator can add service administrators to Carbonite Backup for Microsoft 365 Admin.
Service administrators can perform the same actions as the tenant owner.
- Tenant User :
The tenant owner and service administrators can add tenant users to Carbonite Backup for Microsoft 365 Admin.
Tenant users can be standard users or application administrators:
- Standard User:
- Application Administrator:
Auto Discovery
The feature automatically registers the following objects in your Microsoft 365 environment:
- SharePoint Online site collections
- OneDrive for Business
- Exchange Online mailboxes
- Microsoft 365 Groups (including Group Team Locations, Group Mailboxes, and Teams)
- Project online site collections
- Exchange Online public folders
Scanprofil
In the scan profile you specify which object types of the desired tenant you want to backup and can therefore be compared as a backup job.
You also add the previously created authentication method (app profile or service account) to the scanning profile and specify an authentication schedule.
Basically, no backups are carried out during the scan. During the scan, Carbonite receives permission to access the data exclusively from Microsoft
Your Microsoft 365 environment and scans the meta information of your objects to be backed up.
First select the desired tenant and then select the object types that should be scanned using AutoDiscovery from the M365 tenant.
In the next step, enter a name for the scanning profile.
Since we want to scan the public folders from Exchange Online in our example, the impersonation account is required.
Enter the username of a Microsoft 365 user that will be used to call Exchange Web Services API.
The user must have an Exchange Online product license assigned in Microsoft 365.
If you want to scan and protect Exchange Online public folders, this user must be in the public folder ownership group.
For more information about impersonation technology, see Impersonation and EWS in Exchange.
You can configure the scan profile in Express mode or in Advanced mode and is explained in more detail below.
Creation of a scan profile in Express mode
In Express mode you just have to tick the desired object types to be backed up.
Your Microsoft 365 is backed up in a standard container. Please use Express Mode for a tenant with less than 300 users.
Then click on “Next”.
2.) Enter a name for the profile, this default information can be retained.
3.) Click Next if you would like to agree to the overview, which shows which objects will be stored in which containers in the future (default).
4.) Click Save and Run to immediately trigger the scan of the configured scanning profile.
Creation of a scan profile in advanced mode
Advanced mode dynamically registers the Microsoft 365 objects such as locations and mailboxes in containers defined by business rules that you configure.
This mode is especially recommended for tenants with more than 300 users.
In advanced mode, you have two options to scan Microsoft 365 objects:
- Scan all objects and place them in a container.
- All objects scan accordingly according to the dynamic rules.
If you would like to exclude individual users, mailboxes or sites from the scanning area, this is explained in the following Wiki article.< br>
After configuration, click Next. After the overview, there are two options for ending the dialog or wizard for the scan profile.
-With “Save” the scan will only be carried out according to the configured schedule.
-With “Save and Run” the scan will be carried out immediately.
Creation of a scan profile for the autodiscovery of Power Platform objects
Please note that this requires the creation of a new "delegated" app profile.
To do this, proceed as follows:
In the Customer Portal, first navigate to the “App management”.
1. Click “Create”.
2. Select the tenant and service.
3. Select either Classic or Modern mode. Both modes lead to the same result. In our example we have selected classic mode.
4. Select the desired applications that should be authorized. Then click on “Continue to agree”
If you have created and saved the newly created app profile, the new scanning profile can be created.
To do this, navigate to “Scan profiles” in the customer portal and then click “Create”. You should now see the following selection:
Then select the desired mode and the objects that should be scanned in the new scan profile. In the next step, select the name of the profile.
When you are finished configuring the profile, you can choose to save or "Save and Run" AutoDiscovery of Power Platform objects.
Container
Dynamic containers make it easier to visualize, scope and manage your Microsoft 365 objects in Carbonite Backup for Microsoft 365 Admin or, as it is called in the wiki, the Customer Portal.
Objects are added to containers based on various business rules defined below, such as backing up specific users.
Grouping objects in this system does not result in any changes to your Microsoft 365 environment.
Containers can be configured provided Advanced Mode is selected in the scan profile.
When using Express mode in the scan profile, users are placed in the default container.
Job Monitor in the Customer Portal
The Job Monitor in the Customer Portal collects all information about a scan history. If an AutoDiscovery action is performed with exceptions or completed with errors, you will find further information about it in the scan history:
In the exported Excel file you will usually find several folders for selecting the object types. In the Details column you will generally find the information you need about the cause of the error in the scan.
Notifications in the Customer Portal
You can use the “Advanced Settings” in the Customer Portal to store email addresses if, for example, automatic authentication of the Microsoft 365 account fails.
You can also create an individual list of recipients who should receive these notifications.
We recommend that you configure an email notification for failed scans, as a failed scan does not give Carbonite permission to access your Microsoft 365 data.
This will result in backups failing for the next 24 hours.
Endpoint Portal
Click on the “Carbonite Backup Microsoft for 365” field.
You will now be redirected to the Carbonite Endpoint Portal, where you can configure your backups and restore object types.
For the Carbonite Endpoint Portal, only the Application Administrator and the Service Administrator can gain access.
Home page
On the Carbonite Endpoint Portal home page, you can view the backup or restore details for each object type using the "more details" link.
The backup details display the last four backups, the number of successful, skipped, and failed objects in each job, the progress of the ongoing backup, or the time to complete the next backup.
You can click the "More Details" link in the job summary to go to the Job Monitor page. There you can create and download job reports.
You can use the gear wheel at the top right of each object type to select the container, provided a service account has been configured in advanced mode in which to back up.
Furthermore, the backup schedules can be configured up to four times per day using the gear.
If necessary, you can get an insight into the upcoming new user interface at the bottom left of the Endpoint Portal by clicking on the following button:
The new overview allows you to customize your secured object types as you wish and includes, among others, the new object types Power BI and Power Automate.
Changing the backup scope
For a service account in advanced mode, you can select a container for backup.
When scanning in Express mode, the data is only saved in the standard container.
After you make the changes to the backup scope, all subsequent backup jobs back up the data according to the new scope.
Configure schedule
By default, the backup job for each object type runs every six hours (four times per day).
After the backup service is activated, you can change the backup frequency by clicking the gear of each object type. You can customize the backup frequency and schedule each backup service by setting the backup frequency one to four times per day and setting a start time for the first backup job.
Recovery
There are many ways data loss can occur. That's why it's important to have different recovery options available so that only what you need is restored.
This speeds up recovery times and simplifies IT efforts. Carbonite Backup for Microsoft 365 enables the following flexible recovery options:
- Granular and high-fidelity recovery (preserving all metadata and permissions)
- Restore to a different location
- Security rollback (to undo unintentional permission changes)
- Easy search
- Global Search: Also called Cross Application Search. There you can search across object types for an object such as: a file or email.
- Search by service type: In this search you select an object type such as: Teams and search for an object either using the simple search or the calendar overview.
After you have selected an object type whose data you want to have restored, there are two views to find the desired files from the backup.
Basically, you can perform restores using the following two options:
1.) Simple search
2.) Calendar overview
Restore via Simple Search
You can use the simple search to filter for your desired object types. For example, if you are looking for a specific email or a specific file, we recommend you
via Simple Search.
1.) Please go to the “Restore” tab under “Carbonite Backup” in the Endpoint Portal and click on the object type you want to restore.
2.) For Exchange Online, OneDrive for Business and Teams, enter the name of the email address. For Sharepoint Online and Project Online you must specify the corresponding URL.
For Microsoft Groups, you must select the name of the corresponding group.
3.) Under the advanced search, you can select the backup time range and filter by level.
Example: If you want to restore a file to OneDrive, you must first enter the user, then a backup date and finally the "Document" level.
Restore via the calendar overview
The calendar overview shows you your structure in an “explorer view” like in your Microsoft 365 environment. For example, if you don't exactly
If you know which folder or file was deleted, we recommend that you use the calendar overview for restoration.
1.) To restore via the calendar overview, please first select the object type you want to restore
and click "Find the items in a specific backup job".
2.) Then please select a data set from which you would like to restore.
3.) If you want to restore the entire user or site, please mark it and click "restore".
Alternatively, you can double-click on the user/URL and the structure will be displayed in the next step. Here you can
You can continue navigating by double-clicking on the folder and searching for the desired objects.
4.) In the recovery you have the following settings:
Important note: Depending on the object type, the recovery settings may differ.
Recovery overview of individual objects
Exporting and downloading your data
You can export and download your backup data for Exchange Online, SharePoint Online, OneDrive for Business, Microsoft 365 Groups, and Project Online.
After exporting your data, you can go to Job Monitor to download the exported data to a local location.
You can retrieve the encryption password by clicking on the key icon.
By default, you can export up to 100GB of data per month. The exported data must be downloaded within seven days; otherwise the download link will be removed.
If you need more, please send us a short email to support@terracloud.de.
What needs to be taken into account when restoring Microsoft Teams?
To secure Microsoft Teams data, it is important to know how Teams works on the backend side.
Teams is not a standalone application, but acts as an abstraction layer that brings together data from other applications, including Exchange Online, SharePoint Online, and OneDrive for Business.
Backing up the data from these other sources is important, but so is the configurations (i.e. settings, members, and team structure).
To do this, third-party backup providers must rely on Microsoft's latest APIs so that you can back up metadata and configurations in addition to data from key sources.:
The diagram shows that, for example, calendar and contact data is stored in Exchange Online.
The restore looks like this in the Endpoint Portal via Simple Search:
1.) At the beginning, please select the object type "Exchange Online" under the "Recovery" tab.
2.) Then please enter a user, set the level under the advanced search to "Folder" and click on "Search".
3.) Finally, you can select the Calendar, Contacts, Team Chat folders and click "Restore".
Furthermore, team files are saved via the channels in Sharepoint, but the team files are restored via Simple Search as follows:
1.) At the beginning, please select the object type “Teams” under the “Recovery” tab.
2.) Then please enter the team and set the level to “Document”.
3.) Either filter for the desired document using the simple search or click on “Search” and then search for the desired document.
Files sent via private chats are stored at Microsoft in OneDrive for Business. When restoring files via private chats,
You proceed as follows:
1.) At the beginning, please select the object type "OneDrive for Business" under the "Recovery" tab.
2.) Then enter the relevant user using the simple search and select the “Documents” level.
3.) Either filter for the desired document using the simple search or click on “Search” and then search for the desired document.
In this example, an "encryption" file was sent in a private chat. The storage location looks like this in OneDrive:
In the following screenshot you can see that the file in the Endpoint Portal cannot be restored via "Teams":
As mentioned above, you must restore the file via OneDrive for Business. You can use the simple search for this:
Further information about the dependencies of Microsoft services can be found in the following image:
When it comes to restores to Sharepoint, it depends on what type of Sharepoint site it is.
You can find the difference between modern and classic Sharepoints under the following Link.
The modern Sharepoint site has new functions/features such as Sharepoint Server 2019 integration etc.
The most serious feature is that backed up modern Sharepoint sites/objects can be restored "ALL" under groups/teams. You can usually find all objects there.
With a classic Sharepoint site you can restore the documents directly via Sharepoint.
Data management
In the Endpoint Portal you can independently delete individual objects from the object types from Carbonite Backup for Microsoft 365
delete. Under the "Delete backup data manually" tab you can delete individual objects from Exchange Online, Sharepoint Online, Microsoft 365 groups and Teams.
remove unprotected data
Unprotected data will be displayed to you if you exclude files under Container - after they have been completely scanned via the scan profile.
These can then be removed from the backup pool.
Delete backup data manually
In the Endpoint Portal you have the option to delete individual objects under the “Data management” tab and then “Delete backup data manually”.
Exchange Online:
With Exchange Online you can delete individual emails from mailboxes.
Sharepoint Online:
With Sharepoint Online you can delete documents from the sites.
Microsoft 365 Groups:
Under Microsoft 365 Groups, you can delete mailbox items or documents from your groups.
Teams:
Under Teams you can delete mailbox items or documents from individual teams.
Access requests to data according to DSGVO
Data access requests help your company comply with the GDPR. This function finds all copies of the Exchange Online mailbox
and OneDrive for Business backups of a specific data subject stored by Carbonites Backup for Microsoft 365 and
deletes user-generated backups from Mailbox and OneDrive.
1.) To receive data access requests, please navigate to the "Data Management" tab in the Endpoint Portal and then "Access Requests from Data Subject".
2.) Please then click on “Detect & Delete”.
3.) In the next step, select the type of content you want to delete.
Exchange Online: Deletes the data subject's mailbox backup
OneDrive for Business: Deletes the backup of the data subject's libraries.
4.) Click on the field to load the data subject or enter the keyword to search for the data subject.
5.) Select the data subject from the list and then click "Next".
6.) Click Delete to delete all backup data for the selected objects from Carbonite Backup for Microsoft 365.
Job Monitor in Endpoint Portal
In the ribbon you can apply the following filters:
- Time Filter: Today, Last 7 Days or This Month
- Job Type: Backup, Restore, Export, Delete or Retain
- Object type: Exchange Online, OneDrive for Business, SharePoint Online, Microsoft 365 Groups, Teams, Project Online or Public Folders.
- Job status: In progress, Completed, Completed with errors, Failed or Partially completed.
In the search bar you can filter according to the following parameters:
- Username
- Job ID
- Description
Generate reports / logs from the Job Monitor
To view further information about a job, click on a job, there you can view the job information such as the job ID or start time.
You also have the option of creating a simple or detailed report.
After creating a report, please click on "Download report"
Errors that occur in a Carbonite Backup for Microsoft 365 job may cause some items to fail and not be backed up.
The backup status "Warning" does not affect the status of the backup job.
This means that you may find backup jobs with a status of Completed but that contain items with a status of Warning.
However, if the backup of these items continues to fail during the next three backup jobs, the backup status for these items will be marked as Failed,
which may result in the status of the backup job changing to Completed with Exceptions or Failed.
As a rule, there are several Excel folders available in the report, which you can switch between accordingly. In the comment column you will generally find the cause of the problem.
In the following link you will find possible causes and the corresponding suggested solution:
https://wiki.terracloud.de/index.php/Carbonite_Backup_O365_Fehlerdiagnose/en
Reporting in the Endpoint Portal
Subscription Usage Report
Dashboard:
You can view the following license-related reports via the "Dashboard" tab:
License Details: View the license type and capacity of your purchased license.
License Utilization: View the number and percentage of license consumed, as well as the top consumers of your license.
Top license users by source: View the largest sources of consumption.
Heaviest Consumer by License Type: View the largest consumers by license type.
IMPORTANT: Please note that the consumption overview is only updated approx. 24 hours after a backup.
Please also note that the percentage display has no effect or meaning in the form of storage quota limits.
Usage:
You can view the license history and the trend graph via the “Usage” tab. You can also download a report of this data.
Usage condition:
You can use the "Usage status" tab to view the detailed license consumption of all objects from the object types. You can also download a report on this data.
Settings in the Endpoint Portal
Account Management
In the account management in the Enpoint Portal, you can assign a separate / newly created user from the Customer Portal to a security group.
Only then will the user's login (regardless of whether local user or M365 user) be granted access to the Endpoint Portal.
Backup/restore notifications in Endpoint Portal
In the endpoint portal of the tenant to be secured, you can configure various notifications and create them as a profile.
1.) To configure email notifications for failed backups, for example, please navigate to the “Settings” tab in the Endpoint Portal and then “Notification”.
2.) In the first step, please enter a name for the profile in the field at the top and the desired email address that should be notified in the third field.
3.) In the second step, you can configure email notification for backups with the status “Completed”, “Completed with Error” and “Failed”.
4.) After completing the configuration, please click “Apply”.
5.) An email notification for backups and restores has now been successfully configured.
FAQ
How do I create a backup manually?
To perform a manual backup, follow these steps:
On the home page, click the "More details" link in the object section with the warning icon.
The warning icon appears when the last backup job for an object type matches one of the following scenarios:
- A top-level container object cannot be backed up, including the site collection in SharePoint Online, Project Online, and OneDrive for Business, the mailbox in Exchange Online,
- the group team site and group mailbox in Microsoft 365 Groups, as well as public folders.
- More than 5% of the objects in a container level, excluding the top container level objects, are not backed up.
- More than 10% of the objects in a content layer cannot be backed up.
- The status of the last backup job is Failed.
Click Start New Backup to start a new backup job to protect your data.
You can view the details of the ongoing backup job by clicking Details in this object pane.
Activate Microsoft Teams chat backup
Facts about the Teams Chat object type
- It only affects user-to-user chats in Teams
- Azure subscription required for the tenant to be secured with stored payment information, as the Microsoft Graph API is used and this is subject to a charge from Microsoft.
- Includes, among other things, mentions, formatting, emojis, etc.
- Messages in channels via teams are not included there; these histories can be restored or exported via the "Teams" object type via HTML file.
- Documents or files sent via Teams are saved to and shared via OneDrive.
Below is a list of the objects that are supported in the Teams chat object type:
Teams Chat
To activate the backup, please proceed as follows:
Click on the widget's gear to adjust the backup area:
The following message appears:
By clicking on the "App management" link you will return to the customer portal, where you can create a new app profile.
Then select the right “Azure app” logo and fill out the required fields:
To create the custom Azure app, follow these steps:
https://support.carbonite.com/endpoint/articles/Create-Custom-Azure-Applications
Attached are the complete instructions: Teams-Chat Installation
Why is a Global Administrator account required for the app profile?
To back up, manage, or restore Microsoft Office 365 data, Carbonite Backup for Microsoft 365 requires a connection to Microsoft 365 and
Connect to Microsoft Azure Active Directory. The connection can be established by installing integrated Azure AD applications on the Microsoft 365 account.
In Microsoft 365, only global administrators can install integrated Azure apps from the Azure AD App Gallery to publish an app using the Azure AD Application Proxy.
What is the difference between a service account and app profile?
Dynamic object registration requires an authentication method that uses either a service account or an app profile. If you have a service account
as the authentication method, the account credentials within the profile are used to scan and manage Microsoft 365 objects.
If you don't want to provide your account and password or your company uses multi-factor authentication in Microsoft 365, you must choose the authentication method
for the app profile to use the app token to secure or manage data, and the Microsoft 365 Global Administrator account credentials will be
not saved by Carbonite Backup for Microsoft 365 Admin. However, the app profile authentication method has some limitations.
Have Planner scan data via the app profile
Since the Carbonite update in November 2022, it has been possible to have Planner data scanned via the app profile.
However, this requires an additional app profile that differs from the standard.
Please proceed as follows:
- Navigate to the customer portal of the desired customer via the Partner Portal.
- Create a new app profile. To do this, go to Administration -> App Management and click Create.
- Then select the service and click Next. In the next step please select Modern Mode.
- Click on consent from Carbonite Backup for Microsoft M365 delegated app section.
- Select the Protect Planner Data feature.
- Please then log in with the previously specified Global Administrator of the desired customer and confirm the requested rights that Carbonite requires from Microsoft
A deviation from the previous Global Administrator is possible, but not recommended by us. Experience has shown that it can subsequently lead to problems when assigning support cases.
- Now the view in the "App Profile" section in the Customer Portal should look like this:
How can I exclude objects from a backup?
The exclusion of objects can only be carried out at Container level in the Customer Portal. Individual objects within mailboxes, site collections etc. such as a folder in OneDrive is not possible.
For example, to exclude one or more OneDrive users from Carbonite Backup for M365, first navigate to the Customer Portal via the affected tenant in the Partner Portal.
Then click on “Scan profiles” under AutoDiscovery.
Leave the scan profile unchanged until point 3 "Configure containers and rules":
Then change the scanning mode. As described, we need the advanced mode here:
In this case, you would have to create a rule for each object type. If we stick with the example and want to exclude OneDrive users, the other object types selected in the scan profile will also need a rule.
It is sufficient if a standard container rule is selected. Click "Add" to add a rule.
Example:
Please forget to save the scan profile after creating the rule. After the next scan has been carried out, please check under the Container item in the Customer Portal whether the rule applies as desired.
If not, further adjustments would have to be made. Please note that the conditions in the rules must be clear.
If a backup has already been carried out and you have subsequently removed some objects from the container, the backups of the object will of course remain unaffected.
If you are considering deleting these from the previous backups, navigate to the customer Tenat's endpoint portal and then to data management.
After the next scan, you should see these removed objects from the containers under "Remove unprotected data".
How can I create an end user to the Endpoint Portal so that he can restore objects independently?
To do this, navigate to the customer portal of the respective tenant. In the Customer Portal you take the following actions exclusively at the tenant level.
Under "Administration" you will find "User management". There you can either select an existing user within the M365 tenant (recommended) or create an external user (local account).
To ensure that the newly created user can also perform restores independently, please select Tenant User. Then select the role as 'Standard User' or 'Application Administrator.
Please note that the user created is also "activated".
IMPORTANT: In the next step, you must assign the newly created user to a group in the Endpoint Portal. Further information can be found in the following article Article.
The user can then log in with the M365 Tenant credentials at the following URL:
https://backupoffice365.carbonite.com/login -> Important: Customers tab!
After logging in, the end customer sees the following:
After clicking on the "Carbonite Backup for M365" logo you will be taken to the Endpoint Portal where you can perform restores.
Wrong data center selected in invitation
Unfortunately, it is not possible to change the data center selection later. The selection can only be made by deleting and setting up the tenant in the Carbonite Backup for M365 Partner Portal.
Please proceed as follows:
- Please first delete the tenant from the partner portal and confirm the deletion to us.
- After the tenant has been deleted, it will be retained in the backend for a maximum of 30 days. If necessary, we can open a ticket with the manufacturer Carbonite and speed up the deletion process.
- Please provide us with the name of the global administrator of the end customer office.
Only after it has been completely deleted can it be set up in the correct data center.
Cross-client migration
Unfortunately, direct cross-tenant migration of data that has already been backed up is not possible. Nevertheless, you can restore data that has already been backed up to another container.
The following scenario:
You have an M365 tenant that has just been created and licensed with the required users and a tenant that exists with old - but still required - data.
The old tenant was already secured with the Carbonite M365 solution.
Solution:
For the migration, the new M365 tenant must be completely scanned once via the Scan Profile.
To do this, create an additional scan profile in the customer portal of the old tenant. This would also require authentication of the new tenant.
To do this, another app profile or service account must also be set up in advance become.
After the new tenant has been scanned, the newly created users should now be displayed in the standard container of the corresponding object type.
If necessary, you can create dynamic rules for this purpose. For example, that the users from the other organization are listed in a separate container.
Further information about the rules can be found at the following link: Rules in Carbonite M365 Backup
Then navigate to the Endpoint Portal to start a restore of the required and already backed up objects.
In any case, it is important that you select a user from the container, which will then act as the restore target.
As a basis, please refer to the following graphic.
In this case, the “Restore to another Location” column is relevant.
If the required object type is "not supported", errors may either occur during the restore or it is not supported by Carbonite M365 and is therefore not possible.
Assign invited tenant to another partner
In principle, it is possible that end customer tenants of an MSP are taken over by another service provider. The following procedure can be used for this:
1.) First, the tenant must be deleted in the partner portal of the current retailer. To do this, navigate to the customer directory in the partner portal using the pop-out on the left.
Select the symbol with the three dots, which you will find next to the affected customer, and carry out the “Delete customer” action.
2.) You will then be asked to confirm the deletion.
Please note that this only deletes the customer's entry including the users created and not the associated secured data in the backend.
The tenant remains accessible. The data is reserved in accordance with the customer's present license.
3.) The new service provider should send an invitation to the customer within the following 15 days, but you would have to wait at least an hour until a new invitation is sent.
If steps (1) and (2) have been completed, it should now be possible to transfer it to the partner portal.
4.) To add a new customer to your partner portal, you should first navigate to the customer directory on the left.
There, click on the "New Onboard Client" button and select the appropriate permission type. We generally recommend selecting the Global Administrator:
Then follow the instructions to confirm the customer's login details. You will then be taken back to the partner portal.
If the customer's tenant already exists, a pop-up window will appear with the customer information pre-filled.
If the tenant does not yet exist in the backup for M365, you must enter the appropriate information to invite them.
Consumption information in the report does not fit
If a tenant suddenly shows "0" GB of protected capacity in the consumption report or dashboard, it does not necessarily mean that no data is being backed up.
You can review backups and perform restore tests on-demand through the Endpoint portal.
The most likely reason is that the app profile needs to be re-authorized once.
Further information can be found here here.
Reauthorize app profile
If there has been a password change for the global administrator or backups are not started in the Endpoint Portal, it is possible that the app profile needs to be re-authorized.
We also recommend re-authorizing the app profile if you receive the following message:
Please proceed as follows:
- Navigate to the Customer Portal of the affected customer.
- Click on Tenant Management and mark the already created profile.
- Then click on reconnect and log in with the Global Administrator (preferably the one previously registered) of the affected end customer tenant and go through the next steps.
Additionally re-authorize the app profile in the app management:
We recommend that you configure a notification when reauthorization is required from Carbonite.
This works like this:
Data Retention Notification
This is a purely informative email from Carbonite.
Our licensing model requires us to keep any backups created for no longer than 365 days.
According to the information in the email, you only received a reminder that the following backups reached their maximum retention time on August 18th.
Accordingly, only the old backups that have reached a retention period of 365 days are removed from the backup.
You basically have the option of accessing 1460 backup points (365*4 backups per day) per object type. Assuming you have backed up 4 times every day.
If you need a longer retention period than 1 year, for example for your emails, we recommend a separate archiving solution.
Termination
You can completely delete an organization's data backup by manually expiring the license early.
Please select the desired end customer in the Partner Portal and navigate with the cursor next to the product name "Carbonite Backup for M365" until three dots appear.
You can use the “Edit Subscription” button to “Expire Now” the license. The date is then set to today.
Please note that once the date is reached, neither backups nor restores are possible! As a rule, you will be informed by email in a timely manner
If you cancel the product in the TERRA CLOUD Center or delete the tenant in the Partner Portal, the license expiration date will be set to the day of this action (cancellation/deletion in the portal).
Your backup data will be retained for a maximum of 60 days after the license expiry date is reached.
If you have made any changes, please press Save.
In case of support
Error in Auto Discovery
In the event of an incorrect scan or auto discovery, you will find further information in the so-called scan history.
To do this, navigate to the Portal and then under the Auto Discovery section to Job Monitor.
Highlight the scan profile listed and then click "Export scan history" in the action menu.
Example:
After exporting the scan history, you will usually find the cause or a solution as to why the scan is showing errors in the comment line.
Error in backup job
If a backup of an object type was not carried out or was completed with errors, you will find information about this in the backup report.
A backup report must first be generated manually in the job monitor.
To do this, proceed as follows:
Generate logs from the Job Monitor.
There, too, a note is usually given in the "Comment" line as to why this job fails or has errors. Please also pay attention to the “Status column”.
In the following link you will find possible causes and the corresponding suggested solution:
https://wiki.terracloud.de/index.php/Carbonite_Backup_O365_Errordiagnosis
Other requests
If you have any other questions or similar questions about the product, you can of course contact us at any time by email support@terracloud.de or by telephone using the support hotline (ext. -850).
Important:
So that we can process the support case as best as possible, please always send us the following information:
- Affected tenant owner (Partner Portal --> Customer Directory)
- Log of the failing process
- Detailed error description