Forum Discussion
Brian_Sutton
Aug 05, 2019
Copper Contributor
AD Connect MSOL_ User + Suspected DCSync Attack
We use AD Connect in order to replicate our on-premises AD accounts to Azure AD. The replication process is completed under the context of the 'MSOL_xxxxxxxx' user account. The AD Connect applicatio...
kristofvm
Copper Contributor
EliOfek How do we do this in MCAS as all ATP exclusions are now greyed out?!
The DCSync pre-configured policy doesn't seem to have an exclusion option. How should the AADConnect server be tagged to be excluded from the default Suspected DCSync attack (replication of directory services) policy?
Michael Platt
Oct 26, 2020
Brass Contributor
Looking where to exclude.