Detections
Analytics

Microsoft Entra Registered Configuration (Windows)

info Nessus Plugin ID 177645

Language:

Synopsis

The host is Microsoft Entra Registered

Description

The host is Microsoft Entra Registered, previously known as 'Azure AD Registered' or 'workplace joined', and it was possible to retrieve certain Microsoft Entra ID device configuration attributes, including:

 - Microsoft Entra tenant ID
 - Microsoft Entra tenant region
 - Microsoft Entra device ID
- Registering user's object ID

The Microsoft Entra registered state is specific to each user, so the configuration is reported per user. For example, two users of the device could register it to two different Microsoft Entra ID tenants, Or even the same tenant which would give two different device IDs.

For Active Directory domain information, see the 'Host Active Directory Configuration (Windows)' plugin.

For Microsoft Entra Join information, see the 'Microsoft Entra Joined Configuration (Windows)' plugin.

See Also

https://learn.microsoft.com/en-us/azure/active-directory/devices/

http://www.nessus.org/u?f6196b68

Plugin Details

Severity: Info

ID: 177645

File Name: azure_ad_registered_config.nbin

Version: 1.37

Type: local

Agent: windows

Family: Windows

Published: 7/13/2023

Updated: 4/23/2024

Asset Inventory: true

Supported Sensors: Nessus Agent, Nessus

Vulnerability Information

CPE: x-cpe:/a:microsoft:entra_id, x-cpe:/a:microsoft:azure_active_directory

Required KB Items: SMB/Registry/Enumerated