Now that you have completed all the fields and configured the advanced settings, it's time to finalize the installation.
To do so, follow the steps below.
Simeon Cloud Installer service principal
The Simeon Cloud Installer service principal is an essential component required for all installation types, whether you choose default options or customize your setup. This service principal is automatically added when the tenant installer is initiated and is subsequently removed once the tenant installation is complete.
Installation
Click “Add” at the bottom right of the page:
You will now be asked to sign in as a Global Administrator in the tenant you are installing. This is necessary to create a Service Principal in the tenant, which Configuration Manager uses for various operations. If a service account option was chosen, this step also involves creating that account.
If you selected to “Link an azure subscription”, Configuration Manager requires a Global Admin to grant Configuration Manager access to read from this subscription.
If you install your tenant using Delegated Authentication and a custom service principal, with no other advanced settings selected, you will not be prompted to sign-in as a Global Administrator.
After signing into the tenant, the installation will proceed.
Now that you have authenticated into the tenant, Configuration Manager sets up the necessary resources both within the tenant itself and in your Azure DevOps backend.
Please note that if you selected to use a custom service principal, you will bring in your own scopes and permissions.
At this point, we have installed the tenant and the follow has been completed:
- we have created the service principal in the tenant (if you are not providing a custom service principal)
- we have created the service account user in the tenant (if selected)
- we have granted Configuration Manager permission to read from an Azure subscription (if selected)
- we have set up the resources in Azure DevOps, including a Sync pipeline and a tenant repository
and Configuration Manager is now ready to start the first sync to backup the tenant.
First Sync
Once the installation completes successfully, click the “SYNC NOW” button to proceed with your first sync!
During the first sync, Configuration Manager will only backup the data from the tenant.
Delegated Authentication: create refresh token before proceeding with Sync
If Delegated Authentication was chosen, you must sign into the tenant to create a refresh token before the Sync can proceed. This involves generating a code, logging in, and submitting the code to authenticate successfully.
Once the green “In progress” button turns into the yellow “Pending authentication” button click it to open the wizard and proceed with the authentication to the Tenant:
- Select the “Pending authentication” button
- Copy and paste the given code into the pop-up in your browser window.
- Click “Login”; sign in with the user you want to use for delegated authentication and grant access to Microsoft Azure PowerShell
After the delegated authentication process is complete, the Sync status will return to "In Progress" and the Sync will proceed to perform your first backup.
Sync process
The Sync process will begin, reading all configurations in the tenant and backing them up as code into your repository in Azure DevOps.
Completion of Sync
The Sync completes successfully, and the system indicates that the tenant is now in an “Idle” state, ready for the next Sync. A report is generated after each Sync, showing all configurations added to the backup during the Sync.
The “Has Changes” column, marked by a green icon, indicates detected changes from the previous Sync, as expected for your first Sync. A detailed post-sync report outlines all activities, with a small arrow on the left for more details.
To access the report, click the clock icon on the left:
Access the report:
During the initial Sync, the report will display all items that have been backed up from the tenant. For any subsequent Syncs, only the newly detected changes will be shown.