Quickstart: Connect to your Active Directory Forest
In this quickstart, you'll connect Azure ATP to Active Directory (AD) to retrieve data about users and computers. If you're connecting multiple forests, see the Multi-forest support article.
- An Azure ATP instance.
- Review the Azure ATP prerequisites article.
- An on-premises AD user account and password with read access to all objects in the monitored domains.
Provide a username and password to connect to your Active Directory Forest
The first time you open the Azure ATP portal, the following screen appears:
Enter the following information and click Save:
Field Comments Username (required) Enter the read-only Active Directory user name. For example: ATPuser. You must use an on-premises AD user account. Don't use the UPN format for your username. Password (required) Enter the password for the read-only user. For example: Pencil1. Domain (required) Enter the domain for the read-only user. For example: contoso.com. It's important that you enter the complete FQDN of the domain where the user is located. For example, if the user’s account is in domain corp.contoso.com, you need to enter
In the Azure ATP portal, click Download sensor setup and install the first sensor to continue.
Join the Community
Have more questions, or an interest in discussing Azure ATP and related security with others? Join the Azure ATP Community today!
We'd love to hear your thoughts. Choose the type you'd like to provide:
Our feedback system is built on GitHub Issues. Read more on our blog.