IBM Support

Microsoft 365 backup and restore requirements: IBM Spectrum Protect Plus 10.1.11

Preventive Service Planning


Abstract

This document details the Microsoft® 365 backup and restore requirements for IBM Spectrum Protect Plus 10.1.11.

Content

This document is divided into linked sections. Use the following links to go to the section of the document that you require.



 

General

Beginning with IBM Spectrum Protect Plus 10.1.5, support was added for backing up and restoring Microsoft 365 data.
To read about new and changed features in different versions of IBM Spectrum Protect Plus 10.1, see What's new for IBM Spectrum Protect Plus.

Product name update: Microsoft Corporation announced new product names, effective 21 April 2020, for its Office 365 offerings for small and medium businesses. With this announcement, all small and medium business plans transitioned to the new Microsoft 365 brand. In IBM Spectrum Protect Plus 10.1.6, the user interface and documentation use the original product name, Office 365. For more information, see New Microsoft 365 offerings for small and medium-sized businesses

If you choose to protect Microsoft 365 data with IBM Spectrum Protect Plus, you must purchase the IBM Spectrum Protect Plus for Microsoft 365 Entity ID monthly license. For more information about this entitlement, see the IBM Spectrum Protect 10.1.5 announcement letter.

Before you start protecting Microsoft 365 data with IBM Spectrum Protect Plus, ensure that the system environment meets the following requirements.

IBM Spectrum Protect Plus support for third-party operating systems, applications, services, and hardware depend on the respective vendor. If a third-party product or version moves into extended support, self-service support, or end-of-life, IBM Spectrum Protect Plus supports the product or version at the same level as the vendor. See also IBM Support General Guidelines and Limitations - IBM support for software on unsupported operating systems



 

Configuration

Cloud service

To protect a Microsoft 365 application, you must register the application with Azure Active Directory and grant appropriate permissions. Before you begin, you must have the following items:

  • An active Microsoft 365 subscription
  • A Microsoft 365 administrative user ID and password

For instructions about registering the Microsoft 365 application with Azure Active Directory, see Registering with Azure Active Directory.

If you have a Microsoft 365 administrative account, you can add users to ensure that they have valid licenses. For instructions, see Microsoft 365 in Visual Studio subscriptions

Ensure that you remember the Microsoft 365 administrative user IDs and passwords or maintain this information in a secure location.


 

Application versions

Table 1. Coverage matrix for application levels supported by IBM Spectrum Protect Plus
IBM Spectrum Protect Plus Microsoft 365 Business
Basic, Business Standard, Business Premium editions		 Office 365 for Enterprise
E1, E3, and E5 editions		 Office 365 for Education
A1, A3, and A5 editions		 Office 365 for Firstline Workers 
F3 edition		 Microsoft 365 for Enterprise
E3 and E5 editions
10.1.5
10.1.6
10.1.7
10.1.8
10.1.9
10.1.10
10.1.11

Note:

  • Microsoft 365 Business, former product name: Office 365 Business
  • Office 365 for Education, former product name: Office 365 Education edition
  • Office 365 for Firstline Workers, former product name: Microsoft 365 F1


 

Operating systems

Table 2. Coverage matrix for supported Linux® x86_64 operating systems
IBM Spectrum Protect Plus RHEL 7.0* RHEL 8.0* CentOS 7.0* CentOS 8.0*
 10.1.5 -- --
 10.1.6 --
10.1.7
10.1.8
10.1.9
10.1.10
10.1.11

* The base release and later maintenance and modification levels are supported.

Note: CentOS Linux 8 reached end of life (EOL) on 31 December 2021, see  CentOS Linux EOL. IBM Spectrum Protect Plus is not supported on the next CentOS version (CentOS Stream 8).

IBM Spectrum Protect Plus supports proxy host servers running on physical (bare metal) servers and in virtualized environments.


 

Restrictions

  • The Microsoft 365 tenant must be in a global region as defined by Microsoft. National regions are not supported. For more information about regions, see National cloud deployments
  • Ensure that vSnap is not used as a proxy server in production mode.



 

Software

  • The bash and sudo packages must be installed. Sudo must be at version 1.7.6p2 or later. Run sudo -V to check the version.
  • Tip: The required bash and sudo packages are included in the supported Linux x86_64 operating system installation packages.
  • Install the most recent Microsoft 365 patches and updates in your environment.
  • Ensure that a supported version of Linux x86_64 is installed with the most recent patches and updates.
  • The International Components for Unicode (libicu) rpm package must be installed for the corresponding version of your operating system.
  • Ensure that the user limit value ulimit -f value, which specifies the effective file size for the IBM Spectrum Protect Plus agent, is set to unlimited. Alternatively, set the value sufficiently high to support copying of the largest Microsoft 365 files in your backup and restore jobs.
  • In a Linux environment, depending on your version or distribution, ensure that the Linux utility package, util-linux-ng, or util-linux, is current.



 

Connectivity

Ensure that your system environment meets the following connectivity requirements:

  • The secure file transfer protocol (SFTP) subsystem for Secure Shell (SSH) is enabled.
  • The SSH service is running on port 22 on the proxy host server.
  • The SSH host key must be one of the following algorithms: ssh-dsa, ssh-rsa, ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, or ecdsa-sha2-nistp521.
  • Firewalls are configured to allow IBM Spectrum Protect Plus to connect to the proxy host server by using SSH.
  • Firewalls must be configured to enable the proxy host server to communicate with the IBM Spectrum Protect Plus server by using Hypertext Transfer Protocol Secure (HTTPS) through port 443.
  • IBM Spectrum Protect Plus uses the Network File System (NFS) protocol to mount storage volumes for backup and restore operations. Ensure that the native Linux NFS client is installed on the proxy host server.
  • All servers, proxies, applications, and hypervisors that are added to the IBM Spectrum Protect Plus environment must be registered by using a Domain Name System (DNS) name or Internet Protocol (IP) address.
  • If DNS names are used, they must be resolvable over the network by the IBM Spectrum Protect Plus server and the vSnap server. All IBM Spectrum Protect Plus components must also be resolvable by their DNS names.
  • If DNS is not available, you must add the server to the /etc/hosts file on the IBM Spectrum Protect Plus server by using the command line.



 

Authentication and privileges

Authentication

  • The proxy host server must be registered with IBM Spectrum Protect Plus by using an operating system user that exists on the agent host. The user is then referred to as the IBM Spectrum Protect Plus agent user.
  • Ensure that the root user password is correctly configured and that the user can log in without facing any other prompts, such as prompts to reset the password.


 

Privileges

The IBM Spectrum Protect Plus agent user must have privileges to run commands a root user by using sudo. The sudoers configuration must allow the IBM Spectrum Protect Plus agent user to run commands without a password.



 

Prerequisites and operations

Prerequisites

Ensure that the Software, Connectivity, and Authentication and privileges requirements are met.

The following prerequisites must be met before you start protecting your resources:

  • To protect a Microsoft 365 application, you must register the application with Azure Active Directory and grant appropriate permissions. When you register a new application with Azure Active Directory, the application credentials such as application ID and application secret are made available on the Azure Active Directory portal. For instructions, see Registering with Azure Active Directory.
  • To ensure that the IBM Spectrum Protect Plus agent can connect to the Microsoft 365 tenant, you must register the Microsoft tenant credentials and the proxy host server with IBM Spectrum Protect Plus. For instructions, see Registering the Microsoft 365 tenant with IBM Spectrum Protect Plus.


 

Operations

Before you start a backup or restore operation, take the following actions:

  • Apply a service level agreement (SLA) policy.
  • Assign appropriate roles and resource groups to users who are running  backup and restore operations. Grant users access to resources and roles by using the Accounts pane.
  • Performance tip: To help enhance the performance of backup operations, set the number of parallel sessions to a number in the range 10 - 40.

Review the following information about creating backup and restore jobs:

For an overview about protecting Microsoft 365 with IBM Spectrum Protect Plus, see Protecting Microsoft 365.



 

Ports

The following ports are used by IBM Spectrum Protect Plus agents users.

Table 3. Communication ports when the target is an IBM Spectrum Protect Plus agent user
Port Protocol Initiator Target Description
22 Transmission Control Protocol (TCP) IBM Spectrum Protect Plus server Proxy host server Provides access to troubleshoot and maintain remote proxy host servers that are running guest application components by using the SSH protocol


 

Table 4. Communication ports when the initiator is an IBM Spectrum Protect Plus agent user
Port Protocol Initiator Target Description
111 TCP and User Datagram Protocol (UDP) Proxy host server vSnap server Allows Open Network Computing (ONC) clients to discover ports for communications with ONC servers
443 TCP Proxy host server vSnap server Port that allows the agent to communicate with IBM Spectrum Protect Plus for sending alerts if log backup failures
2049 TCP and UDP Proxy host server vSnap server Used for NFS data transfer to and from vSnap servers
20048 TCP and UDP Proxy host server vSnap server Mounts vSnap file systems on clients such as the VMware vStorage API for Data Protection (VADP) proxy, application servers, and virtualization datastores



 

Hardware

Table 5. Minimum hardware requirements
System Disk space Memory and CPU
Compatible hardware with quad-core processors that are supported by the operating system A minimum of 500 MB under /tmp and 800 MB under /opt is required for product installation.

5 GB of available disk space for temporary files at run time
 		 16 GB of random access memory (RAM) and
8 processors



 

[{"Type":"MASTER","Line of Business":{"code":"LOB26","label":"Storage"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSNQFQ","label":"IBM Spectrum Protect Plus"},"ARM Category":[{"code":"a8m3p000000h9Z4AAI","label":"HW\/SW Requirements"}],"ARM Case Number":"","Platform":[{"code":"PF016","label":"Linux"}],"Version":"10.1.11"}]

Document Information

Modified date:
29 June 2022

UID

ibm16579429

Page Feedback