To configure modern authentication for the Microsoft Office365 email server, you must use the information generated in an Azure Active Directory application, such as, access tokens and ID tokens.
Log On to the Azure Portal as the Global Administrator
- Log on to the Azure portal (https://portal.azure.com/) using your global administrator account.
- Go to Azure Active Directory.
Register Azure Active Directory in the Azure Portal
- In the navigation pane, click App registrations.
The App registrations page appears. - Click New registration.
The Register an application screen appears.- In the Name box, type a name for the app.
- In the Redirect URI section, select Web and then enter http://localhost:3017/.
- In the Supported account types section, select Accounts in this organizational directory only.
- Click Register.
- Copy and paste the following values in a file or other document that you can access later:
- Application (client) ID
- Directory (tenant) ID
You will enter these values in the Commvault software when you create the Azure AD app.
- From the left navigation pane, click Certificates & secrets.
-
Click New client secret.
The Add a client secret dialog box appears.- Enter the client secret description and expiration date, and then click Add.
Note
Save the client secret value.
-
In the navigation pane, click API permissions.
- Click Add a permission.
The Request API permissions page appears. -
Click Microsoft Graph and complete the following steps:
- Click Application Permissions.
- Select the following permissions:
Type Permission Description Delegated IMAP.AccessAsUser.All Read and write access to mailboxes via IMAP Delegated Mail.Send Send mail as a user Application Mail.Send Send mail as any user Delegated offline.access Maintain access to data you have given it access to Delegated openid Sign users in Delegated POP.AccessAsUser.All Read and write access to mailboxes via POP Delegated SMTP.Send Send emails from mailboxes using SMTP AUTH Delegated User.Read Sign in and read user profile - Click Add permissions.
For more information regarding permissions, see Microsoft Permissions. - Click Grant admin consent for <Azure account>.
-
In the navigation pane, click Authentication.
Authenticate the Azure app for access tokens using Implicit grant and hybrid flows. - Select Access tokens (used for implicit flows) and ID tokens (used for implicit and hybrid flows), and then click Save.
What to Do Next
- Make a note of the following values, which are required for configuring modern authentication:
- Your Directory (tenant) ID
- Your Application (client) ID
- Your Application client secret value
- Configure the Microsoft Office 365 email server in the Command Center.