Active Backup for Microsoft 365 - SynologyBackup is very important. When last time did you back up data from your Microsoft 365 services?

As you know - I have a DS620Slim in my homelab. I have written many posts about this device. Also, I’m still thinking to buy a new 6x1TB disks to have bigger storage for my purposes.

Last time my production tenant was blocked - due to payment issues and I lost access to my mailbox, onedrive, and OneNote. That wasn’t a good time, I was very stressed that I lost everything.

So - I remembered that Synology creates multiple packages named Active Backup. Why not check if there is a package for the M365 suite? Yep, it is. So I decided to configure it and show results on this blog post.

The first thing, which I do was create two shared folders. Why two? One is for my production tenant, second is for the developer tenant. It’s nice to have a backup from a place where you’re testing every scenario. I assigned default permissions for that. About permissions, I will write something more later.

When you created the shared folders, you need to install this package from a store and activate the license using your Synology account.

Active Backup for Microsoft 365 - Synology

When package is installed, you need to select for creating new task (or if you want - you can restore existing task of course)

Active Backup for Microsoft 365 - Synology

The next steps are quite strange because you need to download a PowerShell script from the Synology site and log on using a global admin account to your tenant. Eh, it’s not a good way to using a GA account to do any of the activities. I checked that script, is doing necessary steps only related to registering new applications on Azure, generating certificate, and uploading to AAD.

But to be sure, we should use an account that has the lowest permissions to creating applications and granting access to the whole environment. About this - you can read it here

This script can be found here

To all steps on this article, make short notes with Tenant ID, application ID, and GA account details.

Active Backup for Microsoft 365 - Synology

When you do all steps (like generating application and certificate) go back to the Synology device and fill in necessary fields, like on my screen

Active Backup for Microsoft 365 - Synology

In the next step, you need to provide a name for a task and destination. Also, you need to check which users/groups/sites you want to backup.

But, wait?! What with groups which I create later?! How to backup it? Should I every time visit Synology and select what I want to backup?!

Nope, not this time. On the next screen, you can select what do you can do with newly created items.

Active Backup for Microsoft 365 - Synology

The last step in the configuration wizard is the configuration of the schedule. You need to decide, how many times per day you want to make a backup of your services. Or maybe continuous? Or maybe on-demand?

For my tenant, I decided to make a backup twice times per day.

Also, you need to decide how many historical versions you want to store on your device.

Active Backup for Microsoft 365 - Synology

When you finish the configuration, you can run the backup after configuration or wait for a scheduled backup.

I decided to run automatically after configuration.

Active Backup for Microsoft 365 - Synology

After some time - the task was finished successfully.

Below you can find a screenshot, how it is to look after one day.

Active Backup for Microsoft 365 - Synology

But how to restore any of the items from services which we are protecting? You need to visit Active Backup for Microsoft 365 Portal and select a proper user and item, which you want to restore.

Active Backup for Microsoft 365 - Synology

It is very intuitive to use.

Last thing - about permissions and how to allow end-users to recover their own items I will write another article later.

Thanks for reading!