What Makes AD Connect MSOL Users Vulnerable to Suspected DCSync Attacks
You are at risk because the MSOL_ account has special rights. These rights let it copy directory data. AD Connect gives this account these rights. This helps it sync changes between your local Active Directory and Azure AD.
1. AD Connect picks which MSOL_ account to use for syncing.
2. It looks for missing rights and helps you add them.
3. The tool shows y…
Keep reading with a 7-day free trial
Subscribe to M365 Show - Microsoft 365 Digital Workplace Daily to keep reading this post and get 7 days of free access to the full post archives.