Azure ATP with single domain, multiple AAD tenants

VesaP1695 · ‎Apr 08 2020

Is Azure ATP in any way usable in a single domain, multiple tenant setup? Our legacy on-prem AD is shared with our service provider and several other customers, but each has a dedicated AAD tenant for O365 use, etc. AADC sync is set up per OU, which is functional if not particularly flexible. We don't have hybrid join for obvious reasons, although have considered the per-workstation GPO route to get there.

So, where does Azure ATP fall on this spectrum? Is the on-prem ATP sensor multitenant compatible? Can you have multiple sensors serving different AAD tenants in a single on-prem domain? Or if not sensors, how about standalones? Also, is the sensor smart enough to be aware of its own AAD tenant, and collect and forward on-prem data that is relevant to those AAD users, and those users only? Can we manually setup a sensor instance per OU, similar to AADC?

Or Tsemah · ‎Apr 09 2020

@VesaP1695

Hey, Since Azure ATP monitors on-premises AD, i'm not sure what the impact of having multiple AAD tenants would be, can you share an example?

If you have additional on-prem forests without a trust, you could add them to the same Azure ATP tenant by using different directory services credentials

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Azure ATP with single domain, multiple AAD tenants

Azure ATP with single domain, multiple AAD tenants

Re: Azure ATP with single domain, multiple AAD tenants