Skip to content

Latest commit

 

History

History
26 lines (22 loc) · 2.41 KB

azure-active-directory-admin-enabled.md

File metadata and controls

26 lines (22 loc) · 2.41 KB

CloudSploit

AZURE / SQL Server / Azure Active Directory Admin Enabled

Quick Info

Plugin Title Azure Active Directory Admin Enabled
Cloud AZURE
Category SQL Server
Description Ensures that Active Directory admin is enabled on all SQL servers.
More Info Enabling Active Directory admin allows users to manage account admins in a central location, allowing key rotation and permission management to be managed in one location for all servers and databases.
AZURE Link https://docs.microsoft.com/en-us/azure/sql-database/sql-database-aad-authentication-configure
Recommended Action Ensure Azure Active Directory admin is enabled on all SQL servers.

Detailed Remediation Steps

  1. Log in to the Microsoft Azure Management Console.
  2. Select the "Search resources, services, and docs" option at the top and search for "SQL servers".
  3. On the "SQL server" page, select the SQL server that needs to be examined.
  4. On the selected "SQL server" page, scroll down the left navigation panel and select "Azure Active Directory" under "Settings".
  5. On the "Azure Active Directory" page, if "Admin name" under "Azure Active Directory admin" states "No Active Directory admin" then Azure Active Directory admin is not enabled on selected SQL server.
  6. To enable Azure Active Directory admin click on "Set admin" at the top.
  7. On the Azure Active Directory pop up, search for the desired admin name and select the user from the results and click "Select" button at the bottom of the page.
  8. Click the "Save" button at the top to make the changes.
  9. Repeat steps 3 - 8 to ensure Azure Active Directory admin is enabled on all SQL servers.