198 questions with Microsoft Defender for Identity-related tags

Sort by: Updated
Updated Created Answers
3 answers

Security Recommendations for LAPS are outdated

These recommendations in the Microsoft Secure Score seems to be ignoring the new Windows LAPS and looking at the old LAPS. When we changed over to the Windows LAPS, these recommendations started getting flagged. I thought Microsoft would eventually…

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,372 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,028 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2023-06-28T10:54:09.08+00:00
ADM-Griffin2, Jay 146 Reputation points
answered 2024-10-01T10:02:29.06+00:00
Michele Ariis 5 Reputation points
4 answers

Fake Copy/Paste (copy text - paste example TYfcWtHDivhu9PRkaaCCVAoAk6SKTS2XDH)

I use exclusively MS products on different servers at the same time. But for more than a year now I have been suffering from a problem with copying text. The problem is that after copying the text, the following TYfcWtHDivhu9PRkaaCCVAoAk6SKTS2XDH…

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,740 questions
Remote Desktop
Remote Desktop
A Microsoft app that connects remotely to computers and to virtual apps and desktops.
4,538 questions
Office Development
Office Development
Office: A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.Development: The process of researching, productizing, and refining new or existing technologies.
3,890 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,829 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-07-29T13:24:52.7266667+00:00
Vitalii P 10 Reputation points
commented 2024-09-28T13:45:18.03+00:00
YUVII RAJ 0 Reputation points
2 answers

Audit and monitor removable devices from intune

Hello Team, I'm configuring an ASR rule to audit removable devices as the following: I need to know how to get these audits, I didn't find anything related to this policy in the surface attack reduction reports. Thanks, Alaa ELrayes

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,043 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-09-24T08:07:27.9733333+00:00
A.Elrayes 186 Reputation points
commented 2024-09-27T06:21:20.77+00:00
ZhoumingDuan-MSFT 13,080 Reputation points Microsoft Vendor
1 answer

MDATP for MacOS doesnt fetch DeviceAAD ID info from Mac endpoints

Hello, Could you please help us to identify what caused the problem? We have a problem with MDATP fetching DeviceAADID for MacOS devices. I don't see such information from onboarded devices in Security Microsoft Portal. It doesn’t connected with macOS…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,367 questions
Microsoft Intune MacOs
Microsoft Intune MacOs
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.MacOs: A family of Apple operating systems for the Apple Mac line of computers.
86 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,043 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,631 questions
asked 2024-09-25T17:30:35.71+00:00
WIndows_around_you 0 Reputation points
answered 2024-09-27T01:52:27.52+00:00
Crystal-MSFT 48,581 Reputation points Microsoft Vendor
1 answer

Secure Score wants me to disable delegation on my Domain Controller computer accounts

originally posted on the Office365 'answers' forum but I was told that was not the correct place and I should post it here instead. Microsoft Secure Score flagged a number of 'privileged' accounts on my AD domain that were set to allow delegation. I…

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,507 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-09-25T10:36:40.8733333+00:00
Steven Blackery 0 Reputation points
commented 2024-09-27T00:14:55.55+00:00
Steven Blackery 0 Reputation points
1 answer

W11 - Virus & Threat Protection

Hi, When I disable "Automatic sample submission" (see below) I receive periodic popups that the device may be vulnerable (see below), and it remains the same until I "Dismiss". Is there any workaround to NOT show this popup…

Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,904 questions
Windows Server Security
Windows Server Security
Windows Server: A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
1,829 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,570 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
417 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-09-25T10:05:43.5833333+00:00
~OSD~ 2,176 Reputation points
commented 2024-09-26T19:42:05.44+00:00
~OSD~ 2,176 Reputation points
3 answers

Package fails to install for Windows 2016 endpoints in Microsoft Defender for Identity

Problem with enroling Windows 2016 devices in Microsoft Defender for Identity As part of moving from a third party AV to defender (2019 and 2022 work fine). PowerShell Running the installation package fails on 2016 for multiple servers All available…

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-01-11T17:29:36.0466667+00:00
Arran 0 Reputation points
commented 2024-09-24T08:07:14.0066667+00:00
BIAQ 0 Reputation points
1 answer

How to change Microsoft attack simulator Training Language

Hello, I need some help in the ability to change the Microsoft Attack Simulator Video training from the default of English to a foreign language. The chosen video training does support the language but I have been unsuccessful in finding the setting in…

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-09-16T06:52:02.6933333+00:00
Nebaba Monda 0 Reputation points
answered 2024-09-18T13:07:41.16+00:00
K-Mohammed 235 Reputation points Microsoft Employee
2 answers

Where to install Defender for Identity Sensor for VPN Integration

We have followed the steps in this document https://learn.microsoft.com/en-us/defender-for-identity/vpn-integration to setup VPN Integration for Defender for Identity. However we don't see the sensor receiving any data. As per the document we have added…

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-08-19T18:40:56.1966667+00:00
David Agosta 0 Reputation points
answered 2024-09-17T12:54:39.21+00:00
K-Mohammed 235 Reputation points Microsoft Employee
0 answers

Defender Attack Simulation is sending duplicate training notifications

The attack simulation in defender is sending out the duplicate training notifications, when a user is compromised, immediately after the first. Is there something in the set up that I'm missing?

Microsoft Q&A
Microsoft Q&A
Use this tag to share suggestions, feature requests, and bugs with the Microsoft Q&A team. The Microsoft Q&A team will evaluate your feedback on a regular basis and provide updates along the way.
833 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-09-16T17:51:19.2333333+00:00
Andrea Thiel 0 Reputation points
0 answers

MS Defender - How to manage Tenant Allow/Block Lists with graph api

Hi, I'm trying to create an integration to block certain URLs on Microsoft Defender with the Graph API. After looking into the documentation, I found this endpoint:…

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
11,969 questions
Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,367 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-07-10T08:21:08.0666667+00:00
Omer Dital 5 Reputation points
commented 2024-09-15T08:05:36.27+00:00
Omer Dital 5 Reputation points
1 answer

Microsoft Purview Audit Log - Send Microsoft Defender XDR activities to Sentinel

Hello everyone! I would like to forward the Microsoft Defender XDR activities and Microsoft Defender for Identity activities (https://learn.microsoft.com/en-us/purview/audit-log-activities#microsoft-defender-for-identity-activities) from the Microsoft…

Microsoft Purview
Microsoft Purview
A Microsoft data governance service that helps manage and govern on-premises, multicloud, and software-as-a-service data. Previously known as Azure Purview.
1,157 questions
Microsoft Sentinel
Microsoft Sentinel
A scalable, cloud-native solution for security information event management and security orchestration automated response. Previously known as Azure Sentinel.
1,133 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-09-10T06:17:20.61+00:00
Tabea-6461 0 Reputation points
commented 2024-09-13T16:57:27.23+00:00
Smaran Thoomu 15,685 Reputation points Microsoft Vendor
2 answers

Microsoft Windows Server 2019 - Advanced auditing

Any chance a windows expert could assist with with advanced auditting group policy? it is turned on and shows the correct settings when i run an auditpol but when i do an rsop check, Advanced Auditing is missing under this check. When i perform an MDI…

Windows Server 2019
Windows Server 2019
A Microsoft server operating system that supports enterprise-level management updated to data storage.
3,740 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-09-12T14:40:20.3966667+00:00
JoeS-0122 41 Reputation points
edited an answer 2024-09-12T15:46:27.8866667+00:00
JoeS-0122 41 Reputation points
0 answers

Issue with Azure Identity Validation - Minimum 3-Year Requirement

We’re currently facing an issue with Azure’s identity validation process for our organization, Toeverything, which is based in Singapore. We’ve submitted the required documents, including: Organization name, address, and contact details Domain…

Microsoft Identity Manager
Microsoft Identity Manager
A family of Microsoft products that manage a user's digital identity using identity synchronization, certificate management, and user provisioning.
694 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-09-12T07:31:53.76+00:00
JIACHEN HE 0 Reputation points
9 answers

OpenSSL vulnerabilities showing in Defender Dashboard

We have multiple devices showing up with OpenSSL vulnerabilities. It is detecting two dll files that it is flagging. Which they are libssl-3-x64.dll and libcrypto-3-x64.dll. It is flagging this for multiple different applications through out multiple…

Microsoft Defender for Cloud
Microsoft Defender for Cloud
An Azure service that provides threat protection for workloads running in Azure, on-premises, and in other clouds. Previously known as Azure Security Center and Azure Defender.
1,367 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
Microsoft Defender for Cloud Apps
Microsoft Defender for Cloud Apps
A Microsoft cloud access security broker that enables customers to control the access and use of software as a service apps in their organization.
141 questions
asked 2023-09-22T20:14:57.2433333+00:00
Jeff Thorne 45 Reputation points
commented 2024-09-09T11:12:25.37+00:00
Fatlum Berisha 0 Reputation points
3 answers

Defender for Identity - Directory Services Advanced Auditing is not enabled

Hi Everyone, We have followed the following guide from Microsoft in regards to enabling "advanced auditing" for Defender for Identity: https://learn.microsoft.com/en-us/defender-for-identity/configure-windows-event-collection However, we keep…

Windows
Windows
A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.
5,372 questions
Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,507 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2023-09-27T20:12:12.2233333+00:00
OwlTecAB 40 Reputation points
commented 2024-09-09T08:44:46.1233333+00:00
Florent OLLIVIER 0 Reputation points
2 answers

When a Computer slows down?

Need to know what questions are important to solve a problem of a slow down computer with windows 10

Windows 10
Windows 10
A Microsoft operating system that runs on personal computers and tablets.
11,549 questions
Windows 10 Network
Windows 10 Network
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Network: A group of devices that communicate either wirelessly or via a physical connection.
2,345 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,904 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-09-08T00:49:05.1433333+00:00
How do I configure Windows Firewall in Workstation 0 Reputation points
answered 2024-09-09T01:41:33.1066667+00:00
Hania Lian 15,171 Reputation points Microsoft Vendor
0 answers

Accessibility of Microsoft Applications

Hi Community, I have been facing an issue with the accessibility settings on my mobile device for some of the microsoft apps like authenticator, defender, link to windows and launcher. When I turn the access on for them after some time it is turned back…

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
6,774 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
Sysinternals
Sysinternals
Advanced system utilities to manage, troubleshoot, and diagnose Windows and Linux systems and applications.
1,161 questions
asked 2024-09-06T14:22:27.5433333+00:00
sid 45 Reputation points
edited the question 2024-09-07T12:51:50.8366667+00:00
sid 45 Reputation points
1 answer

Office 365 Attack Simulator

I want to run an Office 365 attack simulation training phishing test in a Customer. According to the article below, I need either one of these licenses: Microsoft 365 E5 or Microsoft Defender for Office 365 Plan 2…

Microsoft 365
Microsoft 365
Formerly Office 365, is a line of subscription services offered by Microsoft which adds to and includes the Microsoft Office product line.
4,855 questions
Office
Office
A suite of Microsoft productivity software that supports common business tasks, including word processing, email, presentations, and data management and analysis.
1,623 questions
Windows 10 Security
Windows 10 Security
Windows 10: A Microsoft operating system that runs on personal computers and tablets.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
2,904 questions
Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-03-01T18:39:03.5533333+00:00
Anderson Fajardo 0 Reputation points
commented 2024-09-05T13:13:57.3866667+00:00
PetersonE 0 Reputation points
0 answers

How i can whit list or change defender rules ,when malicious files are detected in SharePoint Online, OneDrive, or Microsoft Teams and backup failed by Veam as their is malware in file

How i can whit list or change defender rules ,when malicious files are detected in SharePoint Online, OneDrive, or Microsoft Teams and backup failed by Veaam as their is malware in file how we can make them whit list as these are legitimate files as…

Microsoft Defender for Identity
Microsoft Defender for Identity
A Microsoft service that helps protect enterprise hybrid environments from multiple types of advanced, targeted cyberattacks and insider threats.
198 questions
asked 2024-09-03T13:05:00.0733333+00:00
Muhammad Zeeshan 100 Reputation points