ldap server in ata

All replies

• 

  

  0

  Sign in to vote

  Hello,
  
  Do you mean there are lots of abnormal logins to ldap server?
  
  Could you please share the exact alert, which is generated by ATA?
  
  
  
  Best regards,
  Andy Liu
  

  ---

  Please remember to mark the replies as answers if they help.
  If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

  Monday, August 21, 2017 8:56 AM
• 

  

  0

  Sign in to vote

  Do you mean there are lots of abnormal logins to ldap server?

  yes

  Could you please share the exact alert, which is generated by ATA?

  Identity theft observing abnormal behaviour.

  Monday, August 21, 2017 5:46 PM
• 

  

  0

  Sign in to vote

  Hello,
  
  Basically, the alert is generated because certain user account exhibited abnormal behavior, which were not seen over the last days. 
  
  For example, the user login to abnormal workstations, and access abnormal resources.
  
  In my opinion, you can take an investigation to this user account. 
  
  By the way, how long did the ATA monitor in the organization?
  
  
  Best regards,
  Andy Liu

  ---

  Please remember to mark the replies as answers if they help.
  If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

  • Marked as answer by Ramakrishna addagalla Monday, February 4, 2019 8:21 PM

  Wednesday, August 23, 2017 9:49 AM
• 

  

  0

  Sign in to vote

  We are monitoring from  past two weeks.

  we are new to ata .

  Friday, August 25, 2017 3:40 PM