Active Directory
A set of directory-based technologies included in Windows Server.
6,155 questions
This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
Hello,
We have received "User and group membership reconnaissance (SAMR)" from defender.
I only see the enumeration events no commands, process etc. related.
I was wondering how to find root cause for these queries from the user machine.
There is nothing seems suspicious but still we try to find what user machines made these.
Thanks.