Setting up DryvIQ in a Microsoft Office 365 GCC High Environment
- Andrea Harvey
Overview
Office 365 GCC High environments require special setup that GCC Moderate and public cloud accounts do not. This page details the steps needed to configure DryvIQ to migrate to and/or from a GCC High Office 365 tenancy.
Create a custom app registration for DryvIQ in the GCC High tenancy
DryvIQ in a GCC High environment currently requires a custom app registration to be created in that tenancy.
Navigate to the Azure Active Directory blade in the Azure portal. (https://portal.azure.us).
Select App Registrations from the left navigation menu and then select New Registration.
Register an application by completing the following fields and then click Register.
Name: Enter the user-facing display name for the application.
Supported account types: Select option Accounts in this organization directory only…
Redirect URI: Enter the following https://api.portalarchitects.com/v1/external/oauth2On the Overview tab, make a note of the Application (client) ID value. This, along with the client secret (see below), will be used to set up the DryvIQ connection.
Select Certificates & secrets.
Select New client secret.
Add a description for the new client secret and select an appropriate expiration date. Then, click Add.
Copy the client secret value and save it. This, along with the application (client) ID will be used to create the DryvIQ connection. After navigating away from this page, the client secret will no longer be available to view or copy. Be sure to save it at this step.
Select API permissions in the left navigation panel.
Select Add a permission.
Select Microsoft Graph from the Request API permissions options.
Select Delegated permissions.
Scroll, expand, select then add the following permissions for Microsoft Graph.
Click Grant admin consent for (tenancy name).
Click Yes to confirm.
Registration is complete.
Configure DryvIQ with custom app registration
Set the following configuration entries in DryvIQ.
The same application (client) ID and client secret values should be used for both Office 365 and OneDrive for Business, but each connector must have its own configuration entries.
For SharePoint Online GCC High
Name | Value |
|---|---|
office365-graph-gcch:client_id | Application (client) ID for custom app registration in Azure AD (above) |
office365-graph-gcch:client_secret | Client secret for custom app registration in Azure AD (above) |
For OneDrive for Business GCC High
Name | Value |
|---|---|
onedrive-business-graph-gcch:client_id | Application (client) ID for custom app registration in Azure AD (above) |
onedrive-business-graph-gcch:client_secret | Client secret for custom app registration in Azure AD (above) |
See https://skysync.atlassian.net/wiki/spaces/DryvIQ/pages/3389816833/Configuration+Options?src=search for more information on setting configuration options in DryvIQ.
Restart the DryvIQ Manager service after setting these configuration options to ensure that they will be used by DryvIQ.
Configure DryvIQ connections
In DryvIQ go to Connections and click Add Connection. Then choose either the Microsoft Office 365 GccH or Microsoft OneDrive for Business GccH connector. From this point, proceed as with the public Office 365 connectors.