Forum Discussion
Secure Score - Accounts with non-default Primary Group ID
Hi all, I am getting a report that the object (computer) on AzureADKerberos active directory does not have a correct Primary Group ID; I have checked and see no anomalies; does anyone else have this ...
LiorShapira Thank you for your response.
I will point out that there are also other recommendations that have already been implemented in my environment, which, however, is reported to me as being executed
-Ensure that user consent for apps that access company data on their behalf is not allowed
-Enable Microsoft Login ID Identity Protection user risk policies
-Ensure that all privileged accounts have the configuration flag "this account is sensitive and cannot be delegated"
+ Enable conditional access policies to block legacy authentication
+Make sure the Password expiration policy is set to Set passwords as never-expiring (recommended)