Menu

Setting up Veeam Restore Portal Notifications

This Script helps you in preparing and configuring Audit Email Settings for the Veeam restore portal of Veeam Backups for Office365. This script is prepared by Jorgedelacruz and it is available on https://github.com/jorgedlcruz

Variables to login on Veeam Backup for Microsoft 365
$veeamUsername = “YOURVB365USERNAME”
$veeamPassword = “YOURVB365PASSWORD”
$veeamRestServer = “https://yourvb365iporhostname”
$veeamAPIversion = “v7”
$veeamRestPort = “4443” #Default Port

Variables to login and Auth in GoogleMail, or Microsoft 365
$ServerType = “Microsoft365”
$redirectUrl = “http://localhost”

Not needed if you want to use the Official Veeam App to send emails (recommended)

$clientId = “YOURCLIENTID”

$clientSecret = “YOURSECRET”

$tenantId = “YOURTENANTID”

Variables to login and Auth in GoogleMail, or Microsoft 365
$mailFrom = “YOURMAILFROM”
$mailTo = “YOURMAILTOBETTERTOBEADL”
$subject = “VBO Audit – %StartTime% — %OrganizationName% – %DisplayName% – %Action% – %InitiatedByUserName%”

Ignore SSL errors
[System.Net.ServicePointManager]::ServerCertificateValidationCallback = {$true}

Define the total number of steps
$totalSteps = 6

1.- Get Auth Token on Veeam Backup for Microsoft 365 Server
Write-Progress -Activity “Processing Items” -Status “Step 1 of $totalSteps : Getting Auth Token” -PercentComplete (1/$totalSteps100)
Write-Host “Step 1 of $totalSteps : Getting Auth Token” -PercentComplete (1/$totalSteps100)

Define the headers and body for your request
$headers = @{
“Content-Type” = “application/x-www-form-urlencoded”
“Accept” = “application/json”
}
$body = @{
“grant_type” = “password”
“username” = $veeamUsername
“password” = $veeamPassword
“refresh_token” = “””
}

Send the POST request and store the response
$response = Invoke-RestMethod -Method Post -Uri “$veeamRestServer`:$veeamRestPort/$veeamAPIversion/token” -Body $body -Headers $headers

Get the access_token from the response
$veeamBearer = $response.access_token

2.- Prepare OAuthSignIn which involves querying our AzureAD
Write-Progress -Activity “Processing Items” -Status “Step 2 of $totalSteps : Preparing OAuthSignIn” -PercentComplete (2/$totalSteps100)
Write-Host “Step 2 of $totalSteps : Preparing OAuthSignIn” -PercentComplete (2/$totalSteps100)

Prepare OAuthSignIn
$veeamRestEndPoint = “$veeamRestServer`:$veeamRestPort/$veeamAPIversion/AuditEmailSettings/PrepareOAuthSignIn”
$headers = @{
“Content-Type” = “application/json”
“Accept” = “application/json”
“Authorization” = “Bearer $veeamBearer”
}
$body = @{
“authenticationServiceKind” = $ServerType
“redirectUrl” = $redirectUrl

Not needed if you want to use the Official Veeam App to send emails (recommended) # “clientId” = $clientId #”clientSecret” = $clientSecret #”tenantId” = $tenantId

}
$response = Invoke-RestMethod -Method Post -Uri $veeamRestEndPoint -Body ($body | ConvertTo-Json) -Headers $headers
$signInUrl = $response.signInUrl

3.- Spin up a localhost server to get the redirect parameters
Write-Progress -Activity “Processing Items” -Status “Step 3 of $totalSteps : Starting localhost server for redirect” -PercentComplete (3/$totalSteps100)
Write-Host “Step 3 of $totalSteps : Starting localhost server for redirect” -PercentComplete (3/$totalSteps100)
$prefix = ‘http://localhost/’
$listener = New-Object System.Net.HttpListener
$listener.Prefixes.Add($prefix)
$listener.Start()
Start-Process $signInUrl
Start-Sleep -Seconds 30
$context = $listener.GetContext()
$requestUrl = $context.Request.Url
$listener.Stop()
$params = [System.Web.HttpUtility]::ParseQueryString($requestUrl.Query)
$code = $null
$state = $null
$params.AllKeys | ForEach-Object {
if($_ -eq ‘code’) {
$code = $params[$]
}
if($ -eq ‘state’) {
$state = $params[$_]
}
}

4.- Let’s complete the OAuthSignIn now
Write-Progress -Activity “Processing Items” -Status “Step 4 of $totalSteps : Completing OAuthSignIn” -PercentComplete (4/$totalSteps100)
Write-Host “Step 4 of $totalSteps : Completing OAuthSignIn” -PercentComplete (4/$totalSteps100)
$veeamRestEndPoint = “$veeamRestServer`:$veeamRestPort/$veeamAPIversion/AuditEmailSettings/CompleteOAuthSignIn”
$headers = @{
“Content-Type” = “application/json”
“Accept” = “application/json”
“Authorization” = “Bearer $veeamBearer”
}
$body = @{
“code” = $code
“state” = $state
}
$response = Invoke-RestMethod -Method Post -Uri $veeamRestEndPoint -Body ($body | ConvertTo-Json) -Headers $headers
$requestId = $response.requestId
$userId = $response.userId

5.- Let’s now put the email settings with the OAuth values
Write-Progress -Activity “Processing Items” -Status “Step 5 of $totalSteps : Setting Email settings” -PercentComplete (5/$totalSteps100)
Write-Host “Step 5 of $totalSteps : Setting Email settings” -PercentComplete (5/$totalSteps100)
$veeamRestEndPoint = “$veeamRestServer`:$veeamRestPort/$veeamAPIversion/AuditEmailSettings”
$headers = @{
“Content-Type” = “application/json”
“Accept” = “application/json”
“Authorization” = “Bearer $veeamBearer”
}
$body = @{
“enableNotification” = $true
“from” = $mailFrom
“to” = $mailTo
“subject” = $subject
“authenticationType” = $ServerType
“userId” = $userId
“requestId” = $requestId
}
$response = Invoke-RestMethod -Method Put -Uri $veeamRestEndPoint -Body ($body | ConvertTo-Json) -Headers $headers

6.- Final step, let’s check if all is good
Write-Progress -Activity “Processing Items” -Status “Step 6 of $totalSteps : Checking Email settings” -PercentComplete (6/$totalSteps100)
Write-Host “Step 6 of $totalSteps : Checking Email settings” -PercentComplete (6/$totalSteps100)

$veeamRestEndPoint = “$veeamRestServer`:$veeamRestPort/$veeamAPIversion/AuditEmailSettings”
$headers = @{
“Accept” = “application/json”
“Authorization” = “Bearer $veeamBearer”
}
$response = Invoke-RestMethod -Method Get -Uri $veeamRestEndPoint -Headers $headers

Write-Host “This is the configuration that we have pushed to VB365”
$response

Write-Host “Sending test email…”

$veeamRestEndPoint = “$veeamRestServer`:$veeamRestPort/$veeamAPIversion/AuditEmailSettings/SendTest”
$headers = @{
“Accept” = “application/json”
“Authorization” = “Bearer $veeamBearer”
}
$response = Invoke-RestMethod -Method Post -Uri $veeamRestEndPoint -Headers $headers

Write-Host “Test email has been sent!”

Related Articles

Automate Page Blob Deletion after specific Days using PowerShell

In this blog post we will go through a PowerShell script for Removing Old SQL Database Backup Files from Azure Storage.…

Microsoft Ignite Event

Join the conversation with #MSIgnite Experience AI transformation in action at Microsoft Ignite In Seattle: November 14–17, 2023 PT |…

Microsoft Active Directory Replication Commands

Microsoft Active Directory (AD) is a directory service that stores and manages information about network resources, such as users, computers,…

Release License From Old User in Veeam Backup For Office365

You can use the following scripts and bonus tips in any combination if the corresponding component exists in the repository…

Veeam Service Provider Console: Easily Configure SSO with Azure Active Directory.

Veeam Whitepaper is attached below with all configurations.

Veeam Backup for Office365 Best Practices

Table of Contents Overview: This document contains the best practices for Veeam Backup for Microsoft 365. It is not meant…

Let's CONNECT with us

Need assistance or support with any tech-related challenges? Reach out to us! Our expert team is here to help you find the right solutions for your needs
24 / 7
+1 587-589-3798
connect@protechbyte.com