Some accounts missing Azure AD Object ID
Hi all There is something that has been annoying me for a while and I felt it's finally time to post abount it. We have a hybrid AD-AAD setup with a user sync up and running since years back, that ...
Forum Discussion
TheHoff70 the analytics that are mapped to the playbook, have they been mapped with the appropriate entities for azure object IDs?
This will surface the specific information for the playbooks to fire properly against the alert when it is triggered?
Check out this link to further information
Map data fields to Microsoft Sentinel entities | Microsoft Learn
- I've been trying back and forth with both with different entity mappings like DNS domain+UPN, "Full Name" or domain+UPN but so far no luck.
