Identity Security for Azure AD DS

dedwards191 · ‎Nov 19 2021

Working with a client that is using Azure AD DS that is fully managed by Azure. Do accounts within AD DS have options to enable Microsoft Defender for security on those user accounts. If so does just the Admin need the upgraded E5 license or do ALL the user accounts need to have a E5 license to enable security features? Thanks!

Ricky Simpson · ‎Nov 22 2021

@dedwards191

Hi there,

The Defender for Identity sensor can be installed on a domain controller that's been migrated into the cloud as a virtual machine, but we don't have capabilities available at the moment for the PaaS option, which seems to be what you've described above. It's something we're looking at for our roadmap.

In terms of licensing, the rule of thumb for Defender for Identity is that you need a license for every human being protected by the service, so that means you'll have more than just one in your example above - but you wouldn't have to license accounts like service accounts, or any secondary accounts users may have (like an elevated permissions account for example).

dedwards191 · ‎Nov 28 2021

Thanks Ricky! Just the answer I was looking for.

Identity Security for Azure AD DS

Identity Security for Azure AD DS

Re: Identity Security for Azure AD DS

Re: Identity Security for Azure AD DS

Products (50)

Special Topics (27)

Video Hub (462)

Most Active Hubs

Most Active Hubs

Video Hub

Identity Security for Azure AD DS