Forum Discussion

NinjaKitty's avatar
NinjaKitty
Brass Contributor
Sep 09, 2020
Solved

Unsecure Kerberos delegation still visible after mitigation

Hello,

Azure ATP noticed some accounts with unsecure Kerberos delegation. We deleted the affected accounts in active directory. Actually the warning should disapere after that but is still visible. I dont unterstand.

  • EliOfek's avatar
    EliOfek
    Sep 10, 2020

    NinjaKitty 
    Make sure the AD account configured in the console has read access to AD's deleted items container.

7 Replies

  • Or Tsemah's avatar
    Or Tsemah
    Former Employee
    Sep 09, 2020

    NinjaKitty 

    Azure ATP needs to detect that these accounts are actually deleted, have you seen the "Deleted" tag added to these user account pages in AATP?

    • NinjaKitty's avatar
      NinjaKitty
      Brass Contributor
      Sep 10, 2020

      Or Tsemah 

      The accounts are still marked as "active" in AATP even though they are deleted in active directory.

      • EliOfek's avatar
        EliOfek
        Icon for Microsoft rankMicrosoft
        Sep 10, 2020

        NinjaKitty 
        Make sure the AD account configured in the console has read access to AD's deleted items container.