Azure ATP Directory services account rights

%3CLINGO-SUB%20id%3D%22lingo-sub-1139087%22%20slang%3D%22en-US%22%3EAzure%20ATP%20Directory%20services%20account%20rights%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1139087%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20cloud%20not%20find%20documentation%20on%20the%20needed%20rights%20for%20the%20service%20account%20that%20is%20defined%20in%20Directory%20services.%20Can%20you%20point%20me%20to%20the%20document%20or%20give%20instructions%20on%20how%20to%20setup%20the%20correct%20user%20rights.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EJari%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1139249%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20ATP%20Directory%20services%20account%20rights%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1139249%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F538306%22%20target%3D%22_blank%22%3E%40Jari_L%3C%2FA%3E%26nbsp%3B%2C%20basically%20it%20needs%20read%20only%20access%20to%20AD%20and%20to%20it's%20deleted%20items.%3C%2FP%3E%0A%3CP%3EOne%20some%20hardened%20networks%20it%20might%20require%20more%20tweaks%2C%20but%20mostly%20that's%20it...%3C%2FP%3E%3C%2FLINGO-BODY%3E
Highlighted
Occasional Visitor

Hi,

 

I cloud not find documentation on the needed rights for the service account that is defined in Directory services. Can you point me to the document or give instructions on how to setup the correct user rights.

 

Jari

1 Reply
Highlighted

@Jari_L , basically it needs read only access to AD and to it's deleted items.

One some hardened networks it might require more tweaks, but mostly that's it...