Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

Azure ATP service account

Copper Contributor

Hi guys

I have a question about the service account used to connect Azure ATP with the domain

In ATA we always grant read all user objects and read-only permissions on the Deleted Objects Container 

With Azure ATP we need to do the same configuration for this account?

 

Best Regards

1 Reply
Yes - same configuration. This account is also used Azure ATP for the SAMR connections to endpoints to build the Lateral Movement Graph.