Privileged AD User Accounts Synchronized to Microsoft Entra ID

high

Description

Synchronizing privileged Active Directory accounts to Microsoft Entra ID creates a risk: an attacker who compromises the Entra ID tenant can use those accounts to pivot from the cloud to on-premises Active Directory.

Solution

Configure filtering in Entra Connect / Cloud Sync to exclude privileged Active Directory accounts from synchronization.
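
To confirm the filter is working, an added example (not part of the indicator or of any Microsoft or vendor tooling) that correlates an export of AD accounts with an export of Entra ID users and lists privileged accounts that still have a synchronized counterpart. It assumes that `adminCount = 1` marks the privileged accounts and that the sync anchor is derived from `objectGUID`; all names and values in the sample data are constructed.

```python
import base64
import uuid

# Constructed sample exports. AD side: attributes read from the directory.
# Entra side: user properties as returned by Microsoft Graph.
SID = "S-1-5-21-1111111111-2222222222-3333333333-"
AD_ACCOUNTS = [
    {"sAMAccountName": "da-alice", "adminCount": 1, "objectSid": SID + "1105",
     "objectGUID": "12345678-1234-5678-1234-567812345678"},
    {"sAMAccountName": "bob", "adminCount": None, "objectSid": SID + "1106",
     "objectGUID": "aaaaaaaa-0000-0000-0000-000000000001"},
    {"sAMAccountName": "svc-backup", "adminCount": 1, "objectSid": SID + "1107",
     "objectGUID": "aaaaaaaa-0000-0000-0000-000000000002"},
    {"sAMAccountName": "da-carol", "adminCount": 1, "objectSid": SID + "1108",
     "objectGUID": "aaaaaaaa-0000-0000-0000-000000000003"},
]
ENTRA_USERS = [
    {"userPrincipalName": "alice@example.com", "onPremisesSyncEnabled": True,
     "onPremisesImmutableId": "eFY0EjQSeFYSNFZ4EjRWeA=="},
    {"userPrincipalName": "bob@example.com", "onPremisesSyncEnabled": True,
     "onPremisesSecurityIdentifier": SID + "1106"},
    {"userPrincipalName": "carol@example.com", "onPremisesSyncEnabled": True,
     "onPremisesSecurityIdentifier": SID + "1108"},
    {"userPrincipalName": "cloud-admin@example.com", "onPremisesSyncEnabled": None},
]

def guid_to_immutable_id(object_guid):
    """Base64 of the GUID in AD's mixed-endian byte layout (assumed anchor form)."""
    return base64.b64encode(uuid.UUID(object_guid).bytes_le).decode("ascii")

def find_synced_privileged(ad_accounts, entra_users):
    """Return (sAMAccountName, userPrincipalName, matched_on) per synced privileged account."""
    synced = [u for u in entra_users if u.get("onPremisesSyncEnabled")]  # skip cloud-only
    by_sid = {u["onPremisesSecurityIdentifier"].upper(): u
              for u in synced if u.get("onPremisesSecurityIdentifier")}
    by_anchor = {u["onPremisesImmutableId"]: u
                 for u in synced if u.get("onPremisesImmutableId")}
    findings = []
    for acct in ad_accounts:
        if acct.get("adminCount") != 1:  # assumption: adminCount=1 means privileged
            continue
        hit, matched_on = by_sid.get(acct["objectSid"].upper()), "sid"
        if hit is None:  # fall back to the sync anchor when the SID is not exported
            hit, matched_on = by_anchor.get(guid_to_immutable_id(acct["objectGUID"])), "immutableId"
        if hit is not None:
            findings.append((acct["sAMAccountName"], hit["userPrincipalName"], matched_on))
    return findings

if __name__ == "__main__":
    for finding in find_synced_privileged(AD_ACCOUNTS, ENTRA_USERS):
        print("privileged account still synchronized:", finding)
```

`adminCount` can be stale or miss accounts that are privileged through delegation, so treat the output as a starting list rather than a complete inventory.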

See Also

Azure Identity Management and access control security best practices

Démos d'attaques par rebond en environnement hybride Active Directory-Azure AD (French)

Indicator Details

Name: Privileged AD User Accounts Synchronized to Microsoft Entra ID

Codename: C-AAD-PRIV-SYNC

Severity: High

Type: Active Directory Indicator of Exposure

MITRE ATT&CK Information: