Fireprox-Support or any other IP rotation

[cmprmsd]

Heyho!

I noticed for larger organizations the tool will be throttled heavily. Sometimes there will be the message being throttled (sleep 5 seconds), but often it will just skip over the current check with the server response:

Invoke-WebRequest : The remote server returned an error: (429).

too many requests.

Would it be feasible to integrate Fireprox or do you think it makes no sense as there are too many different endpoint URLs?

Is there already something to throttle automatically also in the "getting users" part? Speaking about 40-50k users :)

[dafthack]

Yeah the throttling issues are something I want to dig more into. From what I've seen they are not always reproducible so it's been hard to determine exactly what is causing them. The Get-AzureADUsers module doesn't have that throttle currently but will be easy to add in so I'll add it to the todo list. Integrating Fireprox is definitely something we can try too but I'm not positive that the throttling is happening on IP-based actions so we'll just have to test it. Thanks!

[cmprmsd]

Valid point. The limitations might be user based. A user pool would be valid solution to this as often we spray 10+ people in larger companies which might scale the same way the user base does. :)