Azure AD Restore Requirements and Limitations
Clumio's Azure AD backup/restore service lets you back up and restore your Azure AD objects. Below are requirements and limitations when restoring Azure AD data.
Restoring User Objects
- From Azure AD -> Users, click on the restored user.
- Revoke any existing User sessions
- Reset the User password.
- If MFA is enabled for the user, re-enable MFA for the restored User object.
Restoring Group Objects
Mail-enabled security groups and distribution groups cannot be restored, due to a limitation from Microsoft Graph APIs.
Restoring Enterprise Apps
- Enterprise Apps which doesn’t have its corresponding app in the same tenant can not be restored
- Admin would need to consent to the permissions again in Azure AD for the Enterprise App to work.
- Login to your https://portal.azure.com as an Admin.
- Go under Azure Active Directory > Enterprise Applications > All Application. Click on the restored application
- Go under Permissions and click the "Grant Admin Consent" button
- This should ask you for the permissions. Hit the Allow option to provide the permissions again.
Restoring Registered Apps
- After restoring a Registered App, the Admin would need to regrant the App permissions in Azure
- The Admin would also need to recreate the associated Certificates and Secrets if any in Azure
- Go under Azure AD -> App Registrations and click on the Restored App.
- Go under the API Permissions section and click the "Grant Admin consent" button
- Go under the "Certificates & Secrets" section and add any Certificates and Secrets that the App may need.