Language:
Permissions for Microsoft Entra Connect accounts must be sane due to their impact on the entire Active Directory domain.
A security assessment of the permissions applied on Microsoft Entra Connect accounts can identify those that you can safely remove.
Name: Verify Permissions Related to Microsoft Entra Connect Accounts
Codename: C-AAD-CONNECT
Severity: Critical
Tactics: TA0003
Techniques: T1098
Fox-IT: adconnectdump
Gentil Kiwi: mimikatz