Forum Discussion
Bulk Add for Sensitive Users and Groups ???
Is there a way to bulk add a list of Sensitive Users and Groups? Thanks, Troy
Hi Troy,
You may want to check if the users you are trying to add are members of the "by design considered sensitive groups in AD" which are listed here: https://docs.microsoft.com/en-us/defender-for-identity/manage-sensitive-honeytoken-accounts#sensitive-entities
I am personally unaware of a PowerShell module being available for MDI which could be used to populate that list from a .csv if you have a genuine reason to define users as Sensitive who don't belong in those "by design" groups.
In the context of "automation" you may want to add those users in the Power Users group in AD as in newer versions of Windows the role is practically obsolete and this would matter only if you have legacy applications which could "use" the related rights and permissions.
You may want to check if the users you are trying to add are members of the "by design considered sensitive groups in AD" which are listed here: https://docs.microsoft.com/en-us/defender-for-identity/manage-sensitive-honeytoken-accounts#sensitive-entities
I am personally unaware of a PowerShell module being available for MDI which could be used to populate that list from a .csv if you have a genuine reason to define users as Sensitive who don't belong in those "by design" groups.
In the context of "automation" you may want to add those users in the Power Users group in AD as in newer versions of Windows the role is practically obsolete and this would matter only if you have legacy applications which could "use" the related rights and permissions.