Apr 14 2020 08:46 AM
Hi @m_nicholls
Your directory service account will need read access to all objects in the monitored domains.
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/install-atp-step2#prerequisites
Yes, one account will work with: exampledomain.com & child.exampledomain.com
If you also have a multi-forest environment with a two-way trust, you still only need one account.
Additional credentials are only required for each forest with non-Kerberos trust or no trust.
https://docs.microsoft.com/en-us/azure-advanced-threat-protection/atp-multi-forest
