Jun 27 2019
- last edited on
Nov 30 2021
I am looking to configure Azure ATP to monitor sensitive accounts in my local Active Directory and want to know what is the max. number of accounts I can add in Sensitive accounts setting? Also, can adding sensitive accounts be automated using API or PS?
Jun 27 2019 12:27 PM
@CyberSecGuy , there is no official max number as we didn't put any max cap to it.
in theory you can run out of space in the config, but since there is no automated way to do so, you are unlikely to get to this point.
IF you need many accounts, the more practical Idea is to create a "sensitive" AD group, add all the accounts there, and mark the group as sensitive, this will eventually propagate to all accounts automatically.
Jun 30 2019 02:33 AM
AATP will also automatically consider users to be sensitive who are members of specific groups, such as domain admins. https://docs.microsoft.com/en-us/azure-advanced-threat-protection/sensitive-accounts