search

microsoft / mdatp-devicecontrol

Microsoft Defender for Endpoint Device Control tools, samples, and resources.
https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/device-control-removable-storage-protection?view=o365-worldwide
MIT License
45 stars 36 forks source link

Azure AD Group SID #3

Closed tinman613 closed 2 years ago

tinman613 commented 3 years ago

Hello all...

I am trying to use an Azure AD group SID for an allow option and it does not work. I have used my local user SID to verify the rule syntax and it worked ok.

Any idea's? Thanks

MatthewWhiteMoJ commented 2 years ago

What local SID did you use - i have tried to use the local user SID from one workstation but that is not common across AADJ devices or have you used the AAD User object SID to test with?

tinman613 commented 2 years ago

I was using an Azure Group sid

Sent from mobile...

On Oct 21, 2021, at 1:10 PM, MatthewWhiteMoJ @.***> wrote:



What local SID did you use - i have tried to use the local user SID from one workstation but that is not common across AADJ devices or have you used the AAD User object SID to test with?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHubhttps://github.com/microsoft/mdatp-devicecontrol/issues/3#issuecomment-948825717, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AVRJOGDWDLDR4XWNXRYERPDUIBCPTANCNFSM5DVMY2GA. Triage notifications on the go with GitHub Mobile for iOShttps://apps.apple.com/app/apple-store/id1477376905?ct=notification-email&mt=8&pt=524675 or Androidhttps://play.google.com/store/apps/details?id=com.github.android&referrer=utm_campaign%3Dnotification-email%26utm_medium%3Demail%26utm_source%3Dgithub.

tewchen commented 2 years ago

The AAD group Sid is still in Private Preview. currently only support Local or AD group sid