Privileged Azure Entra user is synced from on-premises AD
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。翻訳に関してご質問やご意見ございましたら、お気軽にご連絡ください。
Description
Synced accounts, especially those with high privilege levels, are often targeted by attackers and can be used to extend the impact of a breach. This check identifies highly privileged accounts synced to Microsoft Entra ID from on-premises Active Directory.
- Review the access level of all synced accounts in your tenant.
- Exclude all possible privileged accounts from the sync process.
- Accounts that require both privileges to on-premises Active Directory and Microsoft Entra ID should be closely scrutinized.