Add a Tenant to Cayosoft Guardian
Adding your Entra ID/Office 365 cloud tenant immediately enables change monitoring and data backup for continuous protection against unwanted changes.
Create an Entra ID/Office 365 Connection Account
- Make this Connection Account a member of the Global Administrators role.
- Add a Microsoft 365 license to this account if the account needs to send alerts through Microsoft Teams or Microsoft Exchange.
Add an Entra ID/Office 365 Tenant
- Sign in to Cayosoft Guardian using your Guardian Global Admin account (The person who installs the product automatically becomes a Guardian Global Admin.)
- To add Entra ID /Office 365 tenant click Add tenant in Entra ID/Office 365 section in the Home:
- In New Microsoft 365 tenant wizard specify the Office 365 account to connect to Office 365.
Office 365 connection account should hold the Global Admin Role in the target Entra ID/Office 365 tenant and must be a cloud-only account, i.e. not synchronized with on-premises Active Directory.
If you want to use legacy authentication, see the step-by-step procedure in the section provided below. - Click Next.
- To access a tenant, the Cayosoft Guardian Connection Account must be granted the administrator's consent. Click Grant:
- The web browser will open, and you will need to sign-in with the Guardian Connection Account.
- Specify the password for Entra ID/Office 365 Guardian Connection Account and click Sign-in.
- Click Accept.
- In New Office 365 Tenant wizard, verify that Consent status changed to Granted
- Click Next
- When using modern authentication, Cayosoft Guardian also requires administrator consent.
- Verify that the tenant was successfully added and click Close.
As a result, this new tenant will appear in your list of managed tenants in Entra ID \ Microsoft 365 section in the Home.
Two jobs will be configured: 'Default Azure AD Backup Job' and 'Default Audit Job'. By default, jobs are configured in continuous run mode. In case you need to run jobs at specific time, you can modify job settings under the Jobs node. Once the job completes the initial data collection, it would start to collect change records on each run. Navigate to Change History node to see what was changed in your tenant.
Adding managed tenant using legacy authentication method
- For legacy authentication, click Use legacy authentication (password flow), specify Account password and click Next:
- To access a tenant, Guardian must be granted admin consent. Click Grant:
- Specify the password for Office 365 account and click Sign-in.
- Click Accept.
- In New Microsoft 365 tenant wizard, verify that Consent status is Granted now.
- Click Next.
- Verify that the tenant was successfully added and click Close.
How to add/delete credentials
To edit the credentials:
- Open the Cayosoft Guardian web portal.
- Expand Configuration node.
- Select the Managed tenants node.
- Select the tenant and click Properties.
- On the Credentials tab, click Edit.
- Click Add + and select the credentials to be added
- For Token credential, specify:
- Account name - the account name for which the credential is being configured
- Refresh token - the refresh token (or password) associated with the account
- Type - the type of token credentials.
- For Password credential, specify:
- Account name - the account name for which the credential is being configured
- Refresh token - the refresh token (or password) associated with the account
- Type - the type of password credentials.
To delete the credentials:
- Open the Cayosoft Guardian web portal.
- Expand Configuration node.
- Select the Managed tenants node.
- Select the tenant and click Properties.
- On the Credentials tab, click Edit.
- Click the vertical kebab icon and click Delete.
- Confirm the deletion.
Comments
0 comments
Please sign in to leave a comment.