Working with Application Settings

Use these steps to configure notifications, administrators, and other tenant settings for the application:

  1. Log into Spanning Backup for Microsoft 365 as an admin user.
  2. Click Settings.
  3. Review the settings on each tab and modify as needed.

See these topics for details:

Use these procedures to configure automated protection settings:

In the License Settings section on the Settings > Auto-Protection tab, choose whether to enable these automated licensing features:

  • Automatically purchase Standard Licenses for new users – Use with group-based licensing to automatically purchase standard licenses when needed to ensure that each newly added user is protected with Spanning backups. You must configure group-based licensing before you enable this feature (see To configure group-based licensing).
  • Automatically purchase Standard Licenses for new shared mailboxes – Use with group-based licensing to automatically purchase standard shared mailbox licenses when needed to ensure that each newly added shared mailbox is protected with Spanning backups. You must configure group-based licensing before you enable this feature (see To configure group-based licensing).
  • Automatically assign Archived Licenses for deleted users – Assigns archived licenses to users that were deleted by Microsoft. For details on using this feature, see Auto-assigning archived licenses to users deleted by Microsoft.

Group-based licensing enables Spanning to automatically protect new users in your tenant via Azure Active Directory security group membership.

NOTE  There are multiple types of Azure groups. Spanning can license by security groups only.

Use this procedure to configure group-based licensing:

  1. On the Settings > Auto-Protection tab, scroll down to the Group Based Licensing section.
  2. Add the Azure Active Directory security groups that Spanning will monitor for changes:
    • Choose a security group from the Select field list.
    • Click Add Group.
    • The group is added to the Licensed Groups list. Repeat to add more groups.
  3. (Recommended) Enter a number in the Depletion Notification quantity field so that Spanning sends a notification when your available license count reaches the specified threshold. To stop receiving these notifications, set the quantity to zero (0).
  4. Click Save.
  1. Group-based licensing is enabled. Note the following:
    • Spanning checks the specified Azure Active Directory security groups for new users once a day. If a new user is found, Spanning assigns a standard license to that user if one is available.
    • Spanning does not automatically unassign licenses, even if users are removed from a security group or from Microsoft 365.
    • When a Spanning license is unassigned:
      • A user's data is removed permanently 60 days after the change is made.
      • If a license is re-applied within 60 days, backups resume and data is preserved based on the organization's current retention settings.
  2. (Optional) Check boxes to enable these automated licensing features in the License Settings section above:
  • Automatically purchase Standard Licenses for new users – Use to automatically purchase standard licenses when needed to ensure that each newly added user is protected with Spanning backups.
  • Automatically purchase Standard Licenses for new shared mailboxes – Use to automatically purchase standard shared mailbox licenses when needed to ensure that each newly added shared mailbox is protected with Spanning backups.

NOTE  If a warning message displays at the top of the page or the setting selections are not being saved correctly, please contact support@spanning.com.

Spanning runs daily automated backups of this data for each licensed user: Mail, Calendar, Contact, OneDrive, SharePoint, and Teams. On the Backup & Security tab, a backup tile displays for each of these backup types.

Review the backup tiles and modify these settings as needed:

  • Click a toggle to disable or enable a backup type for your Spanning Backup users.

NOTE  Teams Backup is disabled by default. While there is no additional cost for running Teams Backups, you must enable this feature manually. To enable Teams Backup, click to enable the toggle. You are then redirected to the consent screen for your tenant to add the permissions needed to enable Teams Backup. Once enabled it may take up to an hour for the permissions to be applied by Azure. For details, see Protecting and Exporting Teams Channel Conversations.

  • For SharePoint Backup, choose whether to automatically backup all site collections. This ensures that newly added site collections are protected automatically. (To manually enable or disable backup of specific site collections, see To select site collections to back up.)
  • If Teams Backup is enabled, choose whether to automatically backup all Teams channels. This ensures that newly added channels are protected automatically. (To manually enable or disable backup of specific channels, see To select Teams channels to back up.)

Security settings display below the backup tiles. Review and modify these settings as needed:

  • Encryption Key – Shows whether backups are encrypted using Spanning encryption keys or self-managed encryption keys. To change this setting, contact support@spanning.com.
  • API Token – Shows whether your account has an active API token.
    • If you’d like to access the Spanning Backup for Microsoft 365 API, you can enable your API token by clicking Generate API Token. Copy and save the token. You will need to supply this token for all API calls. For details on working with the Spanning API, see Spanning Backup for Office 365 API.
    • If you do not want access to the API, click Revoke API Token.

Use these procedures to configure notifications:

Daily status notifications provide details about the backups performed in a 24-hour period. Global Admins or Spanning Admins can navigate to the settings page to enable or disable daily status notifications and also modify the email recipients list. Any changes to the email recipient list are also tracked in the Past items on the Activity page. By default, the installer of Spanning Backup of Microsoft 365 is added to the recipient list for daily status notifications.

To enable or disable status notifications:

  1. Log into Spanning Backup for Microsoft 365 as an admin user.
  2. In the Status Summary Emails section on the Settings > Notifications tab:
    • indicates notifications are enabled
    •  indicates notifications are disabled
  3. Do any of the following:
    • Click to disable notifications.
    • Click  to enable notifications.
    • Click Add + to add an email recipient.
    • Click X to remove an email recipient.

For more on the daily status email, see this article: How do daily status notifications work in Spanning Backup for Microsoft 365?

Error Only Email enables external workflows for systems like BMS, ConnectWise, and Microsoft Power Automate. Any service that can take action on an inbound email can make use of Error Only Email. Use this procedure to configure an external address for receiving a plain text Error Only Email.

  1. Log into Spanning Backup for Microsoft 365 as an admin user.
  2. In the Error Only Email section on the Settings > Notifications tab, ensure that the feature toggle is enabled. If needed, click to enable the feature.
    • indicates the feature is enabled.
    •  indicates the feature is disabled.
  3. Click Add + to add email recipients.
  4. (Optional) Modify the maximum number of errors to report daily by entering a new Flood Protection Quantity.
  5. (Recommended) Click Send Test Email to send a test email to the addresses in the list. This is useful for workflow testing.
  6. Click Save.

In addition to unlimited retention, Spanning Backup for Microsoft 365 offers flexible tenant-wide retention for Mail, Calendar, Contacts, OneDrive, SharePoint, and Teams. If your organization requires backup retention rules that reflect your legal retention requirements, contact Support to enable this feature. Retention is based on the content's last modified date. Duration can be set differently for different workloads.

To view your retention settings, select the Settings > Notifications tab.

NOTE  To change these settings, contact support@spanning.com.

Use this tab to manage Spanning user roles and permissions. Spanning Backup for Microsoft 365 includes these user roles:

  • Non-Admin User – The Spanning admin configures the permissions that are applied to their non-admin users. Depending on the configuration, users may be able to log into Spanning Backup and export their own backups. For details, see To configure Non-Admin Users.
  • Microsoft 365 Global Administrator – All Microsoft 365 Global Administrators are Spanning Administrators, who have full rights and privileges over all end users and other admins. Super Administrators can add any licensed Spanning user as a Spanning Administrator.
  • Spanning Administrator – Spanning Administrators have full rights and privileges over all end users and other admins.

See these topics for details on working with user roles and permissions:

Configure Non-Admin Users settings by choosing whether to allow your end users to:

  • Log in and use Spanning Backup for Microsoft 365.
  • Export their own data.

Review your Backup Administrators settings. If needed, add or remove Spanning Administrators and as shown below.

To add a Spanning Administrator:

  1. Choose a user from the Spanning Administrators Select list.

NOTE  If you don't see your user in the list, license the user (see To assign licenses via the interface).

  1. Click Add Admin. Admin privileges are applied to the user.

To remove Admin privileges from a user, locate the user in the Spanning Administrators list and click the user's X. Click OK to confirm. Admin privileges are removed from the user.

Use this tab to manage integrations with other Kaseya modules.

You can opt to:

  • Configure the Login with IT Complete setting to enable single sign-on to Spanning Backup for Microsoft 365 from VSA or UniView.
  • Configure both the Login with IT Complete and KaseyaOne Integration settings to enable seamless authentication to Spanning Backup for Microsoft 365 via KaseyaOne Unified Login. KaseyaOne Unified Login makes management of the Kaseya product line significantly easier for Managed Service Providers, SMBs and MMEs who use multiple Kaseya products. This alternate authentication also removes the requirement for Microsoft 365 Administrators to provide additional credentials to partners who manage their backups, further securing their Microsoft 365 tenants.

See these topics for details:

IT Complete single sign-on (SSO) enables administrators to log into Spanning Backup with their VSA, UniView, or KaseyaOne credentials:

  • If you are using VSA or UniView for multi-tenant management with Spanning Backup for Microsoft 365, enabling SSO from those applications is recommended to further secure your Microsoft 365 tenants and simplify account management. Start by ensuring that the Microsoft 365 tenant has been added to your UniView or VSA instance as described in Check for the Microsoft 365 tenant in UniView or VSA. Then enable Login with IT Complete as described in To enable Login with IT Complete for UniView or VSA.

  • To use KaseyaOne Unified Login for seamless authentication to Spanning Backup for Microsoft 365, see the To integrate KaseyaOne procedure to enable Login with IT Complete and configure Unified Login.

Before you enable IT Complete single sign-on, you must ensure that the Microsoft 365 tenant has been added to your UniView or VSA instance. For details, see the instructions below for the applicable VSA or UniView environment.

In VSA 10:

  1. Navigate to Modules > Integrations > Unitrends Backup and log into the UniView Portal.
  2. Navigate to the Dashboard > Spanning > Microsoft 365 tab and verify that your Microsoft 365 tenant displays in the list:

If your tenant does not display in the list, add it as described in this topic in the UniView Portal Guide: Integrating a Microsoft 365 tenant.

In VSA 9:

  1. Select the SaaS Backup > Customers page.
  2. On the Microsoft 365 tab, verify that your Microsoft 365 tenant displays in the Company Name list:

If your tenant does not display in the list, click Add Customer to add the tenant.

In the UniView Portal (2.0):

  1. Navigate to the Dashboard > Spanning > Microsoft 365 tab.
  2. Verify that your Microsoft 365 tenant displays in the list:

If your tenant does not display in the list, add it as described in this topic in the UniView Portal Guide: Integrating a Microsoft 365 tenant.

In UniView 1.0:

  1. Select the SaaS Backup > Customers page.
  2. On the Microsoft 365 tab, verify that your Microsoft 365 tenant displays in the Company Name list:

If your tenant does not display in the list, click Add Customer to add the tenant.

IMPORTANT  Before running this procedure, ensure that the Microsoft 365 tenant has been added to your UniView or VSA instance as described in Check for the Microsoft 365 tenant in UniView or VSA.

  1. Log into Spanning Backup for Microsoft 365 as an admin user.
  2. On the Settings > Integrations tab, enable the Login with IT Complete toggle.
    • indicates the feature is enabled.
    •  indicates the feature is disabled.
  3. Log into your VSA or UniView instance and locate the tenant you just enabled for Login with IT Complete. Click the tenant's  icon to connect to your Microsoft 365 tenant in Spanning Backup.
  • In VSA 10: Navigate to Modules > Integrations > Unitrends Backup and log into the UniView Portal. Locate your tenant on the Dashboard > Spanning > Microsoft 365 tab. Click .
  • In VSA 9: Navigate to the SaaS Backup > Customers page. Locate your tenant on the Microsoft 365 tab. Click .
  • In the UniView Portal (2.0): Locate your tenant on the Dashboard > Spanning > Microsoft 365 tab. Click .
  • In UniView 1.0: Navigate to the SaaS Backup > Customers page. Locate your tenant on the Microsoft 365 tab. Click .
  1. You are logged into Spanning Backup with your VSA or UniView account.

NOTE  While logged in to Spanning Backup through IT Complete, all activity is audited and listed on the Activity page under your VSA or UniView identity.

IMPORTANT  Running this procedure disables these features: SSO from UniView, SSO from VSA, and KaseyaOne Unified Login. Users that had been accessing Spanning Backup with their UniView, VSA, or KaseyaOne credentials will need to log in with their Spanning Backup credentials. Ensure that your Spanning Backup users are prepared before making this change.

  1. Log into Spanning Backup for Microsoft 365 as an admin user.
  2. On the Settings > Integrations tab, disable the Login with IT Complete toggle.
    •  indicates the feature is disabled.
    • indicates the feature is enabled.

As a Kaseya customer, you may be subscribed to more than one of our IT Complete modules. Rather than keeping track of different sets of login credentials for each module, you can use KaseyaOne's Unified Login feature so that users can access their modules by using a single KaseyaOne account.

To enable seamless authentication to Spanning Backup for Microsoft 365 via KaseyaOne Unified Login, use these steps to link your Microsoft 365 tenant to your KaseyaOne organization:

NOTE   This procedure requires Microsoft 365 Global Administrator credentials and KaseyaOne Master role credentials.

  1. Log into Spanning Backup for Microsoft 365 as a Global Administrator.
  2. On the Settings > Integrations tab, enable the Login with IT Complete toggle.
    •  indicates the feature is disabled.
    • indicates the feature is enabled.
  3. In the KaseyaOne Integration tile, click Link Organization. You are redirected to the Microsoft 365 Login page.
  4. Log into Microsoft 365 with your Global Administrator account. You are redirected to the KaseyaOne Login page.



  5. Log into KaseyaOne as a Master role user.


  6. You are redirected to Spanning Backup, where you can see that the integration has been added.

NOTES   

  After the integration is added, any KaseyaOne user with access to Spanning Backup for Microsoft 365 can log into the Spanning tenants that are linked to this KaseyaOne instance. (See these KaseyaOne topics for more on how to set up access to Spanning Backup for KaseyaOne users: Spanning system groups and Modify a group.)

  While logged in to Spanning Backup through KaseyaOne Unified Login, all activity is audited and listed on the Activity page under the user's KaseyaOne identity.

IMPORTANT  Running this procedure disables KaseyaOne Unified Login. Users that had been accessing Spanning Backup with their KaseyaOne credentials will need to log in with their Spanning Backup credentials. Ensure that your Spanning Backup users are prepared before making this change.

  1. Log into Spanning Backup for Microsoft 365 as a Global Administrator.
  2. On the Settings > Integrations tab, click X in the KaseyaOne Integration tile to unlink the organization.

From the UniView Portal, you can manage all of your Unitrends Unified Backup products in one centralized location, streamlining your workflows to maximize efficiency. Integrating your Microsoft 365 tenant enables you to check the status of the tenant's recent backups, receive alerts for failed or partial backups, allocate licenses, upgrade from a Spanning trial to a paid subscription, and view license and storage information— right from UniView.

To get started, use the UniView Portal interface to add the Spanning Backup integration, as described in Integrating a Microsoft 365 tenant. Once your tenant has been added, information is synced hourly from Spanning Backup. Use the UniView Portal to work with this data, as described in Working with the Microsoft 365 view.

Don't have access to the UniView Portal? Contact your Account Manager or Support to set up your free account.

Using the legacy UniView 1.0 Portal? Use the procedure below to migrate to UniView Portal 2.0.

NOTE  You must be running UniView Portal 2.0 to integrate Spanning Backup. Integration is not supported for the legacy UniView 1.0 Portal.

Use this procedure to migrate from your VSA 9 TAP module or from your stand-alone UniView Portal 1.0 instance.

  1. Contact your Account Manager or Support to set up your free UniView Portal 2.0 account.

IMPORTANT  Do not proceed with this migration procedure until your UniView Portal 2.0 account has been created.

  1. Log into VSA 9 or your stand-alone UniView Portal 1.0 instance as an admin user.

  2. Go to the SaaS Backup module, then select Customers.

  3. Click Migrate to initiate the migration process.

  4. You are directed to UniView Portal 2.0. Log in to start migrating your clients.

  5. The migration process can take anywhere from one to 24 hours to complete for all clients. When migration is complete, get started with UniView Portal 2.0 by adding your Microsoft 365 tenants as described in Integrating a Microsoft 365 tenant.