Cloud App Security not showing all user-id's of gMSA's

%3CLINGO-SUB%20id%3D%22lingo-sub-2153934%22%20slang%3D%22en-US%22%3ECloud%20App%20Security%20not%20showing%20all%20user-id's%20of%20gMSA's%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2153934%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3EI%20have%20a%20gMSA%20that%20is%20moving%20users%20in%20and%20out%20of%20AD%20Security%20Groups.%20I%20can%20see%20all%20the%20details%20in%20the%20MDI%20console%20if%20I%20search%20for%20the%20Userid%20or%20the%20AD%20group.%20I%20see%20log%20entries%20like%3A%3C%2FP%3E%3CP%3Egjkoster%20was%20added%20by%20gMSA-UserAdd%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EWhen%20I%20open%20the%20Cloud%20App%20Security%20Console%20I%20see%20a%20entry%20like%3A%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3Egjkoster%20was%20added%20to%20group%20XXXXX%20by%20n%2Fa%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20in%20the%20Cloud%20App%20Security%20console%20I%20cannot%20see%20who%20performed%20the%20action%20of%20add%20user%20gjkoster%20to%20the%20specific%20AD-group.%20While%20MDI%20has%20the%20info%20available.%20Why%20is%20that.%20If%20a%20'normal'%20user%20adds%20someone%2C%20it%20does%20show.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnyone%20any%20idea%3F%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ERegards%2C%3C%2FP%3E%3CP%3EGermen.%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hi,

I have a gMSA that is moving users in and out of AD Security Groups. I can see all the details in the MDI console if I search for the Userid or the AD group. I see log entries like:

gjkoster was added by gMSA-UserAdd

 

When I open the Cloud App Security Console I see a entry like:

 

gjkoster was added to group XXXXX by n/a

 

So in the Cloud App Security console I cannot see who performed the action of add user gjkoster to the specific AD-group. While MDI has the info available. Why is that. If a 'normal' user adds someone, it does show.

 

Anyone any idea?

 

Regards,

Germen.

0 Replies