Unsecure Kerberos delegation still visible after mitigation

Occasional Contributor


Azure ATP noticed some accounts with unsecure Kerberos delegation. We deleted the affected accounts in active directory. Actually the warning should disapere after that but is still visible. I dont unterstand.

4 Replies


Azure ATP needs to detect that these accounts are actually deleted, have you seen the "Deleted" tag added to these user account pages in AATP?

@Or Tsemah 

The accounts are still marked as "active" in AATP even though they are deleted in active directory.

Best Response confirmed by NinjaKitty (Occasional Contributor)

Make sure the AD account configured in the console has read access to AD's deleted items container.

That was it. Thank you very much.

Sorry for late reply. I had trouble logging into techcommunity with my federated account.