Posted: 07 May 2021 08:51 AM PDT
Veeam Backup for Microsoft Office 365 is subject to throttling rules placed on SharePoint sites. These rules limit traffic speed for any item downloaded per user from any SharePoint site or OneDrive for Business on Microsoft servers. These throttling rules generally go unnoticed in day-to-day use of the cloud product but can drastically limit backup recovery point objectives. Veeam has a solution to this problem in the way of Auxiliary backup accounts.
Auxiliary backup accounts provide a form of load balancing from SharePoint and OneDrive for Business servers through multiple Microsoft account invitations. Since each account can generally back up at the maximum defined throttling speed, the overall backup job completes exponentially faster. This will also speed up the backup of data that resides on SharePoint in the backend, like Microsoft Teams. Creating multiple user accounts in Microsoft Office 365 and then adding them to the Veeam Backup for Microsoft Office 365 console can take time and patience. It is also found when someone needs to do a repetitive task by hand; things like security might be overlooked to save time, like setting each account with the same password.
All of these points bring us to the reason for this blog, a PowerShell script that makes as many accounts as you want and sets a secure, unique password for Veeam Backup for Microsoft Office 365 version 5 for each account. This script was built for basic authentication. If the organization requires modern app-only authentication, then mitigating throttling Microsoft Azure AD applications will be needed. More information can be found in our user guide.
Before creating any accounts, there are a few things to consider. The script will need to be run from the Veeam Backup for Microsoft Office 365 server so that the users can be added to the console. When creating users to add into the Veeam Backup for Microsoft Office 365 console, they will be added via a security group, so the account used to run the script will need to be an administrator account in Office 365 with enough permissions to create users and groups then add them to that group. In the script, the number of accounts can be configured to whatever is needed for the organization. The script can also be re-run with increased numbers to add more users if needed. It is the recommendation to start at eight accounts per proxy added to the console for the organization, then monitor for any signs of continued throttling in the job. Examples of signs you’re still being throttled are getting 503 errors in the logs or if the console jobs seem to process significantly faster at the start of the job run then slow down as time goes on.
If there are still signs of OneDrive for Business or SharePoint sites being throttled in the job, then increase the number of accounts in increments of eight until the issue is resolved. The script has been designed to follow this model with the variables. The $ProxyCount only needs the number of proxies added in the console, and the math will be done in the background. If additional accounts are needed, then use the variable.
Before running the script below, three variables must be filled in.
$ProxyCount will signify the number of proxies added to the Veeam Backup for Microsoft Office 365 console used for that organization.
$AzureAdmin needs to be a Microsoft 365 account admin with add and modify permissions for users and groups.
$VBOOrg is the organization’s name as it appears in the Veeam Backup for Microsoft Office 365 console.
If you need additional accounts, use the $AdditionalAccountSets variable. With this variable, you only need to increase the number by one increment to get an additional eight accounts. For example, if you increase the number to 10, the script will create an additional 80 accounts.
Create Auxiliary Backup Accounts script.
How to remove the accounts
There are many reasons to need the removal of data, including users, from Microsoft Office 365. Below is a script that will clear all accounts and the group created from the script above. These users will be removed from both the active user list and the recycling bin. The only variable that needs to be filled out in this script is $AzureAdmin for the account used to delete the users.
Remove Auxiliary Backup Accounts script.
Throttling from Microsoft can be a significant cause of job performance issues when processing SharePoint sites and OneDrive for Business objects, but adding backup auxiliary accounts can help alleviate this bottleneck and can be made easy by using the scripts mentioned above. If adding more accounts does not give a noticeable difference in backup efficiencies, then the problem might not be Microsoft throttling. Many other factors can also affect performance, like under-provisioned resources on the server or proxies, slow storage processing for the backup and network constraints, including internet connection.
Check out our Deployment Guide or the Best Practice Guide to ensure the components are appropriately provisioned and open a case with support if the issues persist. Please keep in mind that troubleshooting scripts is outside the support contract. Alternatively, Veeam has a great community on the forums to help with any Veeam-related script issues.
To get started with Veeam Backup for Microsoft Office 365, begin a FREE 30-day trial today!
The post How to automate adding Veeam Backup <em>for Microsoft Office 365</em> Auxiliary accounts appeared first on Veeam Software Official Blog.
