Complete the Guided Setup Using the Custom Configuration


If multi-factor authentication is enabled for your global administrator account, you must manually create the Azure Active Directory application.

Log On to the Azure Portal as the Global Administrator

  1. Log on to the Azure portal ( using your global administrator account.

  2. Go to Azure Active Directory.

Register Azure Active Directory in the Azure Portal

  1. In the navigation pane, click App registrations.

    The App registrations page appears.

  2. Click New registration.

    The Register an application screen appears.

  3. In the Name box, type a name for the app.

  4. Under Supported account types, select Accounts in this organizational directory only (tenant_prefix - Single tenant).

  5. Click Register.

  6. Copy and paste the following values in a file or other document that you can access later:

    • Application (client) ID

    • Directory (tenant) ID

      You will enter these values in the Commvault software when you create the Azure AD app.

  7. From the left navigation pane, click Certificates & secrets, and then copy the client secret value shown in the page.

  8. In the navigation pane, click API permissions.

  9. Click Add a permission.

    The Request API permissions page appears.

  10. Click Microsoft Graph and complete the following steps:

    1. Click Application Permissions.

    2. Select the following permissions:

      • Application: Application.ReadWrite.All

      • AppRoleAssignment: AppRoleAssignment.ReadWrite.All

      • Directory: Directory.ReadWrite.All

      • Domain: Domain.ReadWrite.All

      • Group: Group.ReadWrite.All

      • RoleManagement: RoleManagement.ReadWrite.Directory

      • User: User.ReadWrite.All

    3. Click Add permissions.

  11. Return to the Request API permissions page.

  12. On the app API permissions page, click Grant admin consent for tenant_name.

Add an App for Azure Active Directory

  1. From the navigation pane, go to Protect > Applications > Active Directory.

    The Active Directory page appears.

  2. In the upper-right corner of the page, click Add, and then click Azure Active Directory.

    The Azure Active Directory page appears.

  3. In the Name box, enter a name for the app.

  4. From the Server plan list, select the server plan to use for the app.

  5. Under Infrastructure settings, enter the following information:

    1. From the Index server list, select the index server to use for the app.

    2. From the Access node list, select the access node to use for the app.

  6. Under Azure AD connection settings, enter the following information:

    1. From the Azure AD cloud region list, select the region where your company is located.

    2. Select Custom configuration (Advanced).

    3. In the Application ID box, type the application (client) ID.

    4. In the Application secret box, type the client secret value that you copied from the Azure portal.

    5. In the Azure directory ID box, type the tenant ID.