Azure ATP Directory services account rights

%3CLINGO-SUB%20id%3D%22lingo-sub-1139087%22%20slang%3D%22en-US%22%3EAzure%20ATP%20Directory%20services%20account%20rights%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1139087%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EI%20cloud%20not%20find%20documentation%20on%20the%20needed%20rights%20for%20the%20service%20account%20that%20is%20defined%20in%20Directory%20services.%20Can%20you%20point%20me%20to%20the%20document%20or%20give%20instructions%20on%20how%20to%20setup%20the%20correct%20user%20rights.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EJari%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1139249%22%20slang%3D%22en-US%22%3ERe%3A%20Azure%20ATP%20Directory%20services%20account%20rights%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1139249%22%20slang%3D%22en-US%22%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fuser%2Fviewprofilepage%2Fuser-id%2F538306%22%20target%3D%22_blank%22%3E%40Jari_L%3C%2FA%3E%26nbsp%3B%2C%20basically%20it%20needs%20read%20only%20access%20to%20AD%20and%20to%20it's%20deleted%20items.%3C%2FP%3E%0A%3CP%3EOne%20some%20hardened%20networks%20it%20might%20require%20more%20tweaks%2C%20but%20mostly%20that's%20it...%3C%2FP%3E%3C%2FLINGO-BODY%3E
Occasional Visitor

Hi,

 

I cloud not find documentation on the needed rights for the service account that is defined in Directory services. Can you point me to the document or give instructions on how to setup the correct user rights.

 

Jari

1 Reply

@Jari_L , basically it needs read only access to AD and to it's deleted items.

One some hardened networks it might require more tweaks, but mostly that's it...

We support Ukraine and condemn war. Push Russian government to act against war. Be brave, vocal and show your support to Ukraine. Follow the latest news HERE