Azure ATP account user help


I need help to identify which type of user I should create for the Azure ATP tenant. According to the documentation: https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-prerequisites#before-you-start the user must be standard. But how will objects be read? AD and domain controller permissions are needed to read users, but I think if I put a basic user, the user cannot read the log files and can just access the domain but not list the objects.

Thanks for helping

1 Reply

@Valdoscarin This user is not used to read log files; it is mainly used to read AD entities, so it needs read permissions to AD, preferably including the deleted objects folder.
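
One way to give a standard account the read access to the Deleted Objects container mentioned in the reply above. This is an added example, not part of the original thread; `CONTOSO\svc-aatp` is a placeholder account name, and the commands are assumed to run from an elevated prompt as a domain administrator.

```powershell
# Added example: grant a standard (non-admin) directory account read-only
# access to the Deleted Objects container.
# CONTOSO\svc-aatp is a placeholder (assumption); substitute your own account.
$account = 'CONTOSO\svc-aatp'

# Build the container DN from the current domain's default naming context.
$domainDn = ([ADSI]'LDAP://RootDSE').defaultNamingContext.ToString()
$deleted  = "CN=Deleted Objects,$domainDn"

# By default an administrator has to take ownership of this container
# before its ACL can be edited.
dsacls $deleted /takeownership
if ($LASTEXITCODE -ne 0) { throw "Taking ownership of '$deleted' failed" }

# LC = List Contents, RP = Read Property. No write rights are granted,
# so the account stays read-only in the directory.
dsacls $deleted /G "${account}:LCRP"
if ($LASTEXITCODE -ne 0) { throw "Granting LCRP to '$account' failed" }

# Verify: print only the ACL entries that mention the account.
dsacls $deleted | Select-String -SimpleMatch $account
```

An ordinary domain user can already read most AD objects by default; the Deleted Objects container is the exception, which is why it needs the explicit grant.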