Noun-5028 asked Noun-5028 commented

Azure active directory user accounts accidental deletion

Hi,

Is there a way to protect Azure Active Directory user and group accounts from being accidentally deleted like you can with an AD on-premise user or group object?

azure-active-directory

sbairu answered Noun-5028 commented

Hi @Noun-5028,

Enable accidental deletions prevention in the Azure AD provisioning service (in Preview now). Please find the information below for more details.


https://docs.microsoft.com/en-us/azure/active-directory/app-provisioning/accidental-deletions

Thanks & Regards,
Sarat Chandra

Note: If you agree with my answer, please accept my answer.


Hi,

I have seen that article, but it is just for protecting a user from being removed from an enterprise app, is it not?

I need to protect the deletion of an actual Azure security group or Azure user account.

0 Votes 0 ·

Hi @Noun-5028

You can set an alert to find out who deleted a user from Azure AD and to find out which accounts were deleted.

Please find below:
Navigate to Azure Active Directory → Go to Monitoring → Click Audit Logs → Filter the audit log by the Delete user activity → Click on the last event with the Delete user activity.

Please accept my answer if it helps you.

Thanks & Regards,
Sarat Chandra

0 Votes 0 ·

@sbairu how do you set up the alert? I can find the event in the activity log, but how do you create the email alert?

0 Votes 0 ·
JaiVerma-7010 answered sbairu commented

For users and groups, there is no similar 'prevent from deletion' functionality like in AD. Today, there are only two possibilities:

  • If users and groups are synced, you can set a Deletion Threshold on Azure AD Connect.

  • Set up an alert to trigger an alert email whenever any user/group gets deleted from Azure AD. Based on transactions in your tenant, there may be too many alerts.


Thanks. Can you set alerts when specific groups are deleted, or is it an all-or-nothing alert setting?

1 Vote 1 ·
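
The audit-log filtering discussed in this thread, narrowed to specific users or groups to keep alert volume down, as an added example that is not part of the original posts or any Microsoft code. It assumes audit events exported as JSON in the shape of Microsoft Graph `directoryAudit` records and that group deletions are logged as "Delete group"; the function names and all sample records are constructed for illustration.

```python
import json

# Constructed sample shaped like Microsoft Graph directoryAudit records;
# every name, UPN and timestamp below is made up for the example.
SAMPLE_EVENTS = json.loads("""[
 {"activityDateTime": "2021-06-01T09:12:44Z", "activityDisplayName": "Delete user",
  "result": "success", "initiatedBy": {"user": {"userPrincipalName": "admin1@contoso.example"}},
  "targetResources": [{"type": "User", "userPrincipalName": "j.doe@contoso.example"}]},
 {"activityDateTime": "2021-06-01T09:30:02Z", "activityDisplayName": "Delete group",
  "result": "success", "initiatedBy": {"app": {"displayName": "Provisioning Service"}},
  "targetResources": [{"type": "Group", "displayName": "SG-Finance-Admins"}]},
 {"activityDateTime": "2021-06-01T10:01:10Z", "activityDisplayName": "Delete group",
  "result": "success", "initiatedBy": {"user": {"userPrincipalName": "admin2@contoso.example"}},
  "targetResources": [{"type": "Group", "displayName": "Temp-Project-Chat"}]},
 {"activityDateTime": "2021-06-01T10:07:00Z", "activityDisplayName": "Update user",
  "result": "success", "initiatedBy": {"user": {"userPrincipalName": "admin1@contoso.example"}},
  "targetResources": [{"type": "User", "userPrincipalName": "j.doe@contoso.example"}]}
]""")

# "Delete user" is the activity named in the thread; "Delete group" is assumed here.
DELETE_ACTIVITIES = {"Delete user", "Delete group"}


def actor_of(event):
    """Return who performed the action: a user's UPN or an app's display name."""
    by = event.get("initiatedBy") or {}
    user, app = by.get("user") or {}, by.get("app") or {}
    return user.get("userPrincipalName") or app.get("displayName") or "unknown"


def deletion_alerts(events, watched=None):
    """Yield one alert dict per successful deletion. If `watched` is given, only
    deletions of those users (UPN) or groups (display name) are reported, which
    keeps alert volume down in a busy tenant."""
    watched = {w.lower() for w in watched} if watched else None
    for ev in events:
        if ev.get("activityDisplayName") not in DELETE_ACTIVITIES or ev.get("result") != "success":
            continue
        for target in ev.get("targetResources") or []:
            name = target.get("userPrincipalName") or target.get("displayName") or ""
            if watched is None or name.lower() in watched:
                yield {"when": ev["activityDateTime"], "activity": ev["activityDisplayName"],
                       "target": name, "by": actor_of(ev)}


if __name__ == "__main__":
    for alert in deletion_alerts(SAMPLE_EVENTS, watched=["SG-Finance-Admins"]):
        print("ALERT {when} {activity}: {target} deleted by {by}".format(**alert))
```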