---
title: Privileged Azure Entra user is synced from on-premises AD
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > Privileged Azure Entra user is synced
  from on-premises AD
---

# Privileged Azure Entra user is synced from on-premises AD

## Description{% #description %}

Synced accounts, especially those with high privilege levels, are often targeted by attackers and can be used to extend the impact of a breach. This check identifies highly privileged accounts synced to Microsoft Entra ID from on-premises Active Directory.

## Remediation{% #remediation %}

1. Review the access level of all synced accounts in your tenant.
1. Exclude all possible privileged accounts from the sync process.
1. Accounts that require both privileges to on-premises Active Directory and Microsoft Entra ID should be closely scrutinized.