Event banner
Event details
When MDI Prove is deployed on given Domain A, then a trust is established between Domain A and Domain B, MDI probe (by LDAP query) is able to report some data on Domain B. But when the trust is removed from Domain A to Domain B, the data associated to Domain B remains, is it a feature ? is it a bug ? is there some plan to automatically removed data from Domain B after a trust is removed ?
* As example Trust removed between A & B + 30 days without restablishment of the trust = data of Domain B removed
* Another example : A (mdi probe) <= trust => B <= trust => C, when trust removed between A & B + 30 days = data of Domain B and C removed.
- Martin_Schvartzman
Microsoft
As these entities and activities were recorded when there was a trust relationship there is no method to delete these entities or activities. When there are no activities for an entity, they will be deleted automatically within one year. See the following for more information - https://docs.microsoft.com/en-us/defender-for-identity/privacy-compliance#delete-personal-data
You can manually delete security alerts that might have been triggered from domain B.
