Apr 14 2020 08:08 AM
Hello!
Installed the AATP sensor on our domain:
exampledomain.com - works ok with a standard user account on that domain as the directory credentials
Also have a child domain:
child.exampledomain.com - that handles all student accounts
Do we need to add another user account on the child.exampledomain.com domain directory credentials into the existing setup? Or a different suggestion. I didn't see anything in the microsoft docs about it.
Thanks
Apr 14 2020 08:46 AM
Hi @m_nicholls
Your directory service account will need read access to all objects in the monitored domains.
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step2#prerequisites
Yes, one account will work with: exampledomain.com & child.exampledomain.com
If you also have a multi-forest environment with a two-way trust, you still only need one account.
Additional credentials are only required for each forest with non-Kerberos trust or no trust.
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-multi-forest