Architecture

Bacula Enterprise Microsoft 365 Plugin is using the Microsoft Graph API to perform almost all of its operations. Therefore, the plugin is working at the maximum granularity that the service provides.

Microsoft Graph

Microsoft Graph

All the information is obtained using secure and encrypted HTTPS queries to Microsoft 365 from the File Daemon where the plugin is installed. All the requests are performed over the following endpoints:

To get more information about Graph API, visit: https://learn.microsoft.com/en-us/graph/overview

The plugin will contact an Azure registered app named bacula-m365-plugin and will use it as a bridge to download the required data or objects during the time of a backup and send them to the Storage Daemon. Conversely, the plugin will receive them from an SD and perform uploads as needed during a restore.

The implementation is done through a Java Daemon, therefore Java is a requirement in the FD host. For more information about the bacula-m365-plugin, please, consult Authorization section.

Below is a simplified vision of the architecture of this plugin inside a generic Bacula Enterprise deployment:

M365 Plugin Architecture

M365 Plugin Architecture

Listed below is the information that can be protected using this plugin:

  • Email

    • Common MailFolders (Inbox, Deleted Items, Drafts..)

    • User MailFolders & SubFolders

    • Messages & EventMessages

    • Attachments (ItemAttachments, FileAttachments and ReferenceAttachments)

    • Mailbox settings

    • Folder Rules

  • OneDrive

    • Onedrive for Business of Users, for each drive unit

      • Folders

      • Files

      • File Versions

    • Group libraries, for each drive unit

      • Folders

      • Files

      • File Versions

    • Sharepoint site libraries, for each drive unit

      • Folders

      • Files

      • File Versions

    • Shared permissions (direct access, share links, expiration times..)

    • SharedWithMe Objects

  • Sharepoint

    • Pnp Site template

      • Site metadata

      • Lists metadata

      • ListItems metadata

      • WebPages metadata

    • Site Object

      • Site sharing permissions

    • Lists Objects

    • ListItem Objects

  • Contacts/People

    • Contact object

    • Name of Groups of contacts

    • Organizational contact object

  • Tasks

    • User Todo lists

    • User Todo tasks

  • Calendars

    • Calendar objects

    • Calendar group objects

      • Calendar permissions

    • Events objects

    • Attachments (ItemAttachments, FileAttachments and ReferenceAttachments)

      • MIME objects where possible

  • Notebooks

    • Notebook objects

    • Section objects

    • SectionGroup objects

    • Pages

      • Page contents (Html formatted) - Page resources

        • Page image files

        • Page object files (any other file apart from images)

  • Teams

    • Team objects

    • Team settings

    • Team members and associated roles

    • Team installed apps

    • Channel objects

      • Channel tabs

      • Channel chat messages

        • Chat messsages hosted contents

  • Chat

    • Chat objects

    • Chat installed apps

    • Chat tabs

    • Channel chat messages

      • Chat messages hosted contents

  • Activity

    • Varied service reports in CSV format

All the information of each object is stored in JSON format (except for Pnp site template, which is stored in XML), preserving all their original values. When the plugin works with objects containing additional data (MIME files for messages, data for attachments and files of OneDrive, etc), that data is also backed up.

Go back to Microsoft 365 (M365) Plugin article.