Search <book_title>...

Veritas Alta™ SaaS Protection Administrator's Guide

Last Published: 2024-09-24

Product(s): Veritas Alta SaaS Protection (1.0)

Introduction to Veritas Alta™ SaaS Protection
1. About Veritas Alta SaaS Protection
2. Features of Veritas Alta SaaS Protection
3. Architecture of Veritas Alta SaaS Protection
4. SaaS applications supported for data protection
5. Operational workflow
6. Administration portal
  1. Analytics
  2. About the System page
Active Directory synchronization
1. About Active Directory (Entra ID) synchronization
2. Prerequisite
3. Features required Active Directory (Entra ID) synchronization
4. Limitations if Active Directory (Entra ID) synchronization is not enabled
5. How to enable Active Directory (Entra ID) synchronization
Manage users and roles
1. Role-based access control
2. User permissions
3. Permissions tab
API permissions
1. API permissions for Exchange Online
2. API permissions for SharePoint, OneDrive for Business, and Teams Sites Collections
3. API permissions for Teams chat
4. API permissions for Gmail and Google Drive
Add connectors
1. Features of connectors
2. Overview of adding connectors
  1. Configure General settings
3. Connectors page
4. Connector status
5. Support matrix for Microsoft 365 connectors
6. Add Exchange Online connectors
  1. Configure the capture scope for Exchange connectors
7. Add SharePoint Online connectors
  1. Supported and unsupported SharePoint Settings and Types for backup and restore
  2. Supported Sites and List templates for backup and restore
  3. Supported SharePoint permission objects for backup and restore
  4. Configuring the capture scopes for SharePoint connectors
  5. Delete policy for SharePoint environments
  6. Stubbing policy for SharePoint Online
  7. Run Delete and Stubbing policies to the SharePoint Online environment
  8. SharePoint Online connector limitations
8. Add Teams site collections connectors
  1. Configure the capture scope for Teams site connectors
  2. Teams site collections connector limitations
9. Add OneDrive connectors
  1. Configure the capture scope for OneDrive for Business connectors
10. Add Teams chat connectors
  1. Configure the capture scope for Teams chat connectors
  2. Teams chat connector limitations
11. Configure User filter
12. Configure Group filter
13. Configure Filter folder
14. Configure credentials using Manual mode
15. Assign M365 apps to M365 connectors
16. M365 apps status
17. M365 apps recovery
18. Approve M365 apps manually
19. Approve M365 apps using App Consent Grant utility
20. Configure Custom backup policy
21. Add Audit Log connectors
  1. Audit log connector limitation
22. Support matrix for Google connectors
23. Prerequisites to add Google Drive connectors
24. Add Google Drive connectors
  1. Configure the capture scope for Google Drive connectors
  2. Google Drive connector limitations
25. Add Gmail connectors
  1. Configure Capture scopes for Gmail data
26. About the Salesforce connector
  1. Prerequisites to add Salesforce connectors
  2. Add Salesforce connectors
  3. Upload a certificate to the Salesforce organization
  4. Limitations of Salesforce connector
  5. Salesforce Objects not supported for backup
27. Add Entra ID (Azure AD) connectors
  1. Limitations for Entra ID connector
28. Add Box connectors
  1. Configure capture scope for Box data
  2. Box connector limitations
29. Add Slack connectors
30. Add Email/Messages
  1. Prerequisite
  2. Adding EML/Messages connectors
31. Edit connectors
32. Delete connectors
Apps Consent Grant Utility
1. About the Apps Consent Grant Utility
2. Pre-requisites to download and install services and utilities
3. Downloading the Apps Consent Grant Utility
4. Installing or upgrading the Apps Consent Grant Utility
5. Post-installation activities for the Apps Consent Grant Utility
Add Retention policies
1. About WORM policies
2. Ingestion WORM policies page
3. Points to consider before adding retention policies
4. Add/edit Ingestion WORM retention policies
5. Add/edit At-Rest WORM retention policies
6. About Deletion policy
7. Add/edit Deletion policies
8. View deletion history
9. How to edit the policy evaluation interval?
10. How to add a Location filter?
11. How to add a filter?
Perform backups
1. Perform on-demand/ad-hoc backup
2. View backup events
  1. About Event suppression
  2. Create event suppression rules
3. Viewing backup tasks details
Manage backed-up data
1. Browse backed-up data
2. Share data
  1. Remove data sharing
Perform restores using Administration portal
1. About restore
2. Prerequisites for restore
3. Restore Exchange Online mailboxes
4. Restore SharePoint/OneDrive/Teams Sites and data
  1. Restore of OneDrive, Microsoft 365 Group, and Microsoft Teams sites
  2. Limitations of SharePoint Online data and sites restore
5. Restore Teams chat messages and Teams channel conversations
  1. Limitations of Teams chat data restore
6. Restore O365 audit logs
7. Restore Box data
  1. Limitations of Box data restore
8. Restore Google Drive data
  1. About the overwrite restore behavior for Box/Google Drive data
9. Restore Gmail data
10. About the Salesforce Data, Metadata, and CRM Content restore
11. About Entra ID (Azure AD) objects and records restore
12. Restore Slack data
13. Restore data to File server
14. Set the default restore point
15. Configure Restore all, Restore all versions, Point-in-time, and Specific range restore options
16. Configure email addresses for notifications
17. Downloading an item
Perform restores using Export Utility
1. Restoring the SharePoint site data and Discovery case
Restore dashboard
1. About Restore dashboard
2. Restore job statuses
3. How to cancel a restore job?
4. View the restore events
Install services and utilities
1. About services and utilities
2. Pre-requisites to download and install services and utilities
3. Downloading services and utilities
4. Where to install the services and utilities
5. Installing or upgrading services and utilities
6. Configuring service accounts for services and utilities
7. Configuring the Export service
8. Configuring the Export utility
9. Configuring the File copy utility
Discovery
1. About eDiscovery/searches
2. Add search templates
3. Add Discovery cases
4. Perform ad hoc search and add data to Discovery cases
5. View data in Discovery cases
6. Edit Discovery cases
7. DeleteDiscovery cases
8. Assign Discovery cases to users
Add Tagging polices
1. About the Tagging policy
2. Add Tags
3. Add/edit Tagging policies
4. Adding regular expressions
  1. RegEx and query examples for PII detection
Add Tiering policy
1. About the Tiering policy
2. Add/edit Tiering policies
General administrative tasks
1. View upgrade history
2. Configure the Administration portal
3. Auditing
Manage Stors (Storages)
1. Viewing Stors (Storages)
2. Requesting a new Stor
3. General tab
4. Metadata tab
5. Statistical policies tab
6. Location-Mapping tab
7. Backup tab
8. Custodian Groups tab
9. Advanced tab
10. Analytics tab
Managing Scopes
1. About Scopes
2. Enabling Scopes
3. Configuring Scopes
4. Using Scopes
Known Issues
1. Know Issues

Configuring service accounts for services and utilities

Typically, there are two different account types used to configure each service,

A Windows domain or local computer account that you to be used to run this service.
An Azure account that has the appropriate access in .

For ease of use, the following service accounts are created as part of the provisioning process.

Connector service account
Retrieval service account
Full admin account

This information will be provided by the support team during the post-provisioning call.

If you do not want to use the default service accounts, you can create your own accounts with the correct permissions as described in the Authorizations required for the service account table. If you create your own accounts, you could use the same account to run the service and connect to .

Authorizations required for the service account in

The service account must be authorized with the following permissions :

Table: Authorizations required for the service account

Services and utilities	Authorizations in	Authorizations in customer's domain
Connector service	API Add Content	Read permission. Write Attributes permission. Note: The File copy utility and the Retrieval service require permissions.
Export service	API API Impersonation Access All Items
Retrieval service	API API Impersonation Access All Items
Export utility	For the administrator: API Access All Items For the end user: End-User Retrieval End-User Portal Export Utility
File copy utility	API API Impersonation Access All Items
Apps Consent Grant utility		Global Administrator

Table: Authorizations required for the service accounts in Windows

Services and utilities	Windows Permissions when running the service
Connector service	Log on as a service permission If running a Connector for File System Archiving: Standard Read permissions Write Attributes permission The Write Attributes permission is required as suppresses updating the Last Accessed time. Write permission is also required when using the `.Hubstorinfo` file, which is enabled by default.
Export service	Log on as a service permission Modify permissions to the export locations
Retrieval service	Log on as a service permission Full control permissions

To configure a service account for services and utilities

Open a web browser and access the Administration portal.
Click Administration.
On the left, expand Permissions > Users and groups.
Click Refine search.
In the Refine search window, enter the user account, and then click Run search.
Click Manage permissions.
In the Manage permissions window, select the required permissions for the service account and then click Assign.