This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hi
I am the only Global admin, I have PBI premium , Fabric is available
I got my weekly PIM digest email today
I noticed two new directory readers are setup, cause for concern , I did not setup any.
On review , these were assigned directory reader roles
I have not created or deployed a Service Cluster and or app as a resource
Question:
Why are these managed identities automatically being setup and assigned roles ? Why are the start/end dates 06 and 13th (today)?
Hello Carlo Lodola,
Welcome to the MS Q&A Forum.
You could check your Activity Logs under Azure Subscription to find who created and assigned those identities or check Audit logs under your Entra Id.
Sincerely,
Olga Os.
Hi Olga
I cannot find anything in the Audit logs , I still need to setup an archive schedule , I am limited to 30 days retention
*to note the start/ end dates of the two service principles were incremented on in the last 24hrs
Start 06/11/2023 to 07/11/2023
End Date 13/11/2023 to 14/11/2023
Reading up --
MicrosoftAzureActiveAuthn -- is a Microsoft first party app/Service Principal and legitimate application. The app performs certain internal actions in Azure AD tenants. It is created by enabling MFA for users and the operation you described can be triggered during an SAS app request for Azure MFA.
I enabled System-preferred multifactor authentication, this may account for the MicrosoftAzureActiveAuthn
(System-preferred multifactor authentication (MFA) prompts users to sign in by using the most secure method they registered.)
Questions
(The OneLake file explorer application seamlessly integrates OneLake with Windows File Explorer. This application automatically syncs all OneLake items that you have access to in Windows File Explorer. "Sync" refers to pulling up-to-date metadata on files and folders, and sending changes made locally to the OneLake service.)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(272, 27%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVV%3C/text%3E%3C/svg%3E)
Hi Carlo Lodola,
As you want to know more details about the issue, we would recommend you to open a azure support case. Support team will be able to check and help on this.
If you don't have a support plan enabled on your subscription, I request you to send an email to AzCommunity@Microsoft.com with Subject as "Attn:Vikas" referencing this thread along with your subscription ID. I can then enable your subscription with a one-time free technical support.
Once the issue is resolved, request you to post the resolution here for the benefit of community.