Privileged Azure Entra user is synced from on-premises AD

このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。

Description

Synced accounts, especially those with high privilege levels, are often targeted by attackers and can be used to extend the impact of a breach. This check identifies highly privileged accounts synced to Microsoft Entra ID from on-premises Active Directory.

Remediation

  1. Review the access level of all synced accounts in your tenant.
  2. Exclude all possible privileged accounts from the sync process.
  3. Accounts that require both privileges to on-premises Active Directory and Microsoft Entra ID should be closely scrutinized.
PREVIEWING: Cyril-Bouchiat/add-vm-package-explorer-doc