Azure ATP Directory services account rights

%3CLINGO-SUB%20id%3D%22lingo-sub-1139087%22%20slang%3D%22en-US%22%3EAzure%20ATP%20Directory%20services%20account%20rights%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1139087%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20cloud%20not%20find%20documentation%20on%20the%20needed%20rights%20for%20the%20service%20account%20that%20is%20defined%20in%20Directory%20services.%20Can%20you%20point%20me%20to%20the%20document%20or%20give%20instructions%20on%20how%20to%20setup%20the%20correct%20user%20rights.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EJari%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1139249%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20ATP%20Directory%20services%20account%20rights%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1139249%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F538306%22%20target%3D%22_blank%22%3E%40Jari_L%3C%2FA%3E%26nbsp%3B%2C%20basically%20it%20needs%20read%20only%20access%20to%20AD%20and%20to%20it's%20deleted%20items.%3C%2FP%3E%0A%3CP%3EOne%20some%20hardened%20networks%20it%20might%20require%20more%20tweaks%2C%20but%20mostly%20that's%20it...%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Visitor

Hi,

 

I cloud not find documentation on the needed rights for the service account that is defined in Directory services. Can you point me to the document or give instructions on how to setup the correct user rights.

 

Jari

1 Reply

@Jari_L , basically it needs read only access to AD and to it's deleted items.

One some hardened networks it might require more tweaks, but mostly that's it...