Senior Member

Hello!

 

Installed the AATP sensor on our domain:

 

exampledomain.com - works ok with a standard user account on that domain as the directory credentials

 

Also have a child domain:

 

child.exampledomain.com - that handles all student accounts

 

Do we need to add another user account on the child.exampledomain.com domain directory credentials into the existing setup?  Or a different suggestion.  I didn't see anything in the microsoft docs about it.

 

Thanks

Hi @m_nicholls 

 

Your directory service account will need read access to all objects in the monitored domains.  

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step2#prerequisites

 

Yes, one account will work with: exampledomain.com &  child.exampledomain.com

 

If you also have a multi-forest environment with a two-way trust, you still only need one account. 

 

Additional credentials are only required for each forest with non-Kerberos trust or no trust.  

https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-multi-forest

 

 

We support Ukraine and condemn war. Push Russian government to act against war. Be brave, vocal and show your support to Ukraine. Follow the latest news HERE