Entra ID backup coverage

Entra ID coverage overview

Keepit offers the following Microsoft 365 Entra ID backup coverage:

  • Entra ID Advanced: 
    Protects usersgroupsadministrative unitsrolesservice principals, app registrations, policies, devices, and activity logs. 


Keepit's legacy backup coverage:

  • Entra ID Basic: 
    Protects users, groups, administrative units, roles, and activity logs.
  • Entra ID Standard: 
    Protects users, groups, administrative units, and roles.


Supported object attributes

Each object (user, group, administrative unit, role, service principal, policy, and app registration) has a set of attributes that we protect. For the full list, click here to here.

Supported Microsoft Intune device configuration profiles

For a full list of Intune device configuration profiles, click here.


Metadata backup scope

Metadata for objects can only be backed up and restored in relation to other objects included in the backup.

For instance, if a user is a member of 10 groups in Entra ID but only 5 of those groups are selected for backup in the connector configuration, the metadata of only those 5 groups will be backed up for the user. 

Object metadata

Users
  • Ownerships
  • Memberships
  • Manager
  • Role assignments
  • Licenses
  • Photo
Groups
  • Owners
  • Members
  • Memberships
  • Role assignments
  • Licenses
  • Photo
Administrative units
  • Members
  • Scoped-role assignments
Roles 
  • Role assignments (active and eligible) 
App registrations
  • Owners
  • Photo
Service principals
  • Owners
  • Assignments
  • Photo
Policies
  • Conditional access policies
  • Compliance policies
  • Configuration profiles
  • Authentication methods
  • Authentication strengths
  • Named locations
  • Account protection policies
Devices
  • BitLocker recovery keys
  • Windows LAPS
Activity logs
  • Audit logs
  • Sign-in logs