Securing the Azure AD Connect account

Azure AD Connect (AADC) integrates your Active Directory with Azure Active Directory (and from there with the various Active Directories for your workloads). AADC has an on-premises account that holds rights within Active Directory, and depending on what you are syncing back from Azure AD to on-premises, those rights can be extensive.

Microsoft has issued new guidance on how best to secure the AADC account (and will make changes to AADC in future so that the Express installation applies these settings by default).

Advisory 4056318 contains a convenient PowerShell script to secure the account in your Active Directory.

Twan van Beers

Twan is a senior consultant with over 20 years of experience. He has a wide range of skills including Messaging, Active Directory, SQL, Networking and Firewalls. Twan loves to write scripts and get deep and dirty into debugging code, in order to understand and resolve the most complex of problems.
