Entra ID Initial Activation

Follow these steps to set up and manage Entra ID activation for IBM® Storage Protect for Cloud:

1. Sign up for IBM Storage Protect for Cloud to use IBM Storage Protect for Cloud Azure VMs, Storage, and Entra ID.
   • Visit the IBM Storage Protect for Cloud trial page for IBM Storage Protect for Cloud Azure VMs, Storage, and Entra ID and sign up for a free 30 day trial.
2. Access IBM Storage Protect for Cloud.
   • Sign in to the IBM Storage Protect for Cloud environment using the corresponding account. See Sign into IBM Storage Protect for Cloud for details.
3. Connect your tenant.
   • If you want to protect your Microsoft Entra tenant via IBM Storage Protect for Cloud, your tenant owner or service administrators must first connect the tenant to IBM Storage Protect for Cloud. See Connect your Tenants to IBM Storage Protect for Cloud for details.
4. Configure the service app profile.
   • Set up the app profile for the service app required to protect Microsoft Entra. Use your Microsoft 365 Global Admin Account to consent to the application. See Create a Service App and Grant the Consent for details.
5. Configure a service account profile.
   • Create a service account profile if you want to protect the following properties. For details on configuring a service account profile, refer to Create a Service Account Profile.
     • To back up and restore distribution lists or mail-enabled security groups in Microsoft Entra ID, you can choose to configure a service account profile for this tenant with a Global Administrator or Exchange Administrator user role, or you can go to the Azure portal to add this service app as Exchange Administrators role. For details on assigning an app the Exchange administrator role, refer to How to Assign the Exchange Administrator Role to an App?.
     • To back up and restore the Attributes and Claims, Identifier (Entity ID), currentSingleSignOnMode, ParentAppId, or IsCustomAppof the SSO configuration for the enterprise applications, you must have a service account profile configured in the IBM Storage Protect for Cloud interface and the service account you use must have the Application Administrator role.
6. Create the backup scope.
   • Navigate to IBM Storage Protect for Cloud Azure VMs, Storage, and Entra ID > Backup page and create a backup scope for the Microsoft Entra tenant that you want to protect. Define whether to protect the Sign-in log or Audit log, configure the backup start time, and ensure the data retention policy meets your organization’s needs. The backup job can run up to four times per day. See Create a New Backup Scope for Microsoft Entra ID for details.
7. Monitor and manage backups.
   • Regularly monitor the backup status and ensure that backups are running as scheduled. See Monitor Your Backup for details.
   • Use the Subscription Consumption report and Backup Analysis report to track your subscription utilization and backup statistics. See Reports for details.
8. Test restores.
   • Periodically test the restore process to ensure that you can recover data quickly and accurately.
   • Compare backups to ensure you are restoring the correct files. See Use the Compare Method for details.