ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-102 All Questions

View all questions & answers for the MS-102 exam
Go to Exam

Exam MS-102 topic 1 question 47 discussion

Actual exam question from Microsoft's MS-102
Question #: 47
Topic #: 1
[All MS-102 Questions]

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.
After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains the users shown in the following table.

The domain syncs to an Azure AD tenant named contoso.com as shown in the exhibit. (Click the Exhibit tab.)

User2 fails to authenticate to Azure AD when signing in as [email protected].
You need to ensure that User2 can access the resources in Azure AD.
Solution: From the Microsoft Entra admin center, you add fabrikam.com as a custom domain. You instruct User2 to sign in as [email protected].
Does this meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by Greatone1 at Aug. 23, 2023, 11:09 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Greatone1
Highly Voted 1 year, 8 months ago
Selected Answer: A
the answer is A.
upvoted 14 times
...
sherifhamed
Highly Voted 1 year, 7 months ago
Selected Answer: A
The on-premises Active Directory domain is named contoso.com. To enable users to sign on using a different UPN (different domain), you need to add the domain to Microsoft 365 as a custom domain. review: https://www.examtopics.com/discussions/microsoft/view/50100-exam-ms-100-topic-2-question-56-discussion/
upvoted 11 times
...
EubertT
Most Recent 3 weeks, 1 day ago
Selected Answer: B
Answer: B. No Explanation: Adding fabrikam.com as a custom domain in Azure AD is necessary, but it is not sufficient by itself to allow User2 to sign in with [email protected]. Azure AD Connect synchronizes identities based on their UPN suffix, and the on-premises UPN must be changed to use @fabrikam.com for the user object. That UPN suffix also must be verified in Azure AD. Since the solution only adds the custom domain in Azure AD and does not update User2’s UPN suffix in the on-premises Active Directory, the identity sync will not match the intended UPN, and authentication will still fail. ✅ The correct full solution would be: Add fabrikam.com as a custom domain in Azure AD and verify it. Change the UPN suffix of User2 on-premises to @fabrikam.com. Allow synchronization via Azure AD Connect. 🔴 Therefore, this solution alone does not meet the goal. _________________________________________________________________
upvoted 2 times
...
Ruslan23
3 weeks, 3 days ago
Selected Answer: B
I vote B, adding the custom domain isn't enought.
upvoted 1 times
...
lijk_manson
2 months ago
Selected Answer: B
B. No By adding 1 or more domains does not changes the users username, you need to edit the user We can add 500 domains, it will not change anything.
upvoted 3 times
...
wafferrr
2 months, 3 weeks ago
Selected Answer: B
UPN needs to be changed for user2 in the on-prem environment before logon will work.
upvoted 4 times
...
justITtopics
3 months ago
Selected Answer: B
Very tricky questions because there are many doubts. I vote for B. The question does not indicate that the domain frabikam.com is verified and they do not indicate that the domain is added to the Entra Connect configuration. However, since they do not indicate that they have filtered domains or OUs, by default, Entra Connect synchronizes all domains (https://learn.microsoft.com/en-us/entra/identity/hybrid/connect/how-to-connect-install-custom#domain-and-ou-filtering). Many unknowns.
upvoted 5 times
...
Crille
5 months, 2 weeks ago
The answer is B you need to sync fabric domain to azure ad with Azure ad connect add fabric in domain and trust after that you can set UPN [email protected] in Active directory
upvoted 6 times
...
Fidelak
7 months, 2 weeks ago
I would venture this is more B than A, it says you add the domain as a custom domain in the admin.microsoft.com portal but doesn't mention anything about it being added into Azure AD connect as a domain. It's technically correct but only half of the true correct solution.
upvoted 6 times
...
ronin201
10 months ago
Dont't forget about Entra connect settings, if you add custom domain, it should be 1) verified 2) you must add it to Entra Connect for sync
upvoted 4 times
...
AAlmani
1 year, 3 months ago
Selected Answer: A
Correct answer is A
upvoted 3 times
...
RJTW070
1 year, 3 months ago
Selected Answer: A
Yes, the solution meets the goal. By adding fabrikam.com as a custom domain in the Microsoft Entra admin center, you can ensure that User2 can authenticate to Azure AD using their email address [email protected]. This is because the UPN suffix is used to authenticate a user in Azure AD, so it must match the domain name of the user’s email address. By adding fabrikam.com as a custom domain, you can ensure that User2 can authenticate to Azure AD using their email address [email protected]. You can then instruct User2 to sign in as [email protected] to access the resources they need
upvoted 6 times
...
jbuexamtopics
1 year, 5 months ago
Selected Answer: B
Didnt mentioned that it was verified.
upvoted 3 times
...
Constyle
1 year, 6 months ago
Answer is A
upvoted 1 times
...
jbuexamtopics
1 year, 6 months ago
Selected Answer: B
Very tricky, I'll go for B because it didnt mentioned that fabrikam.com was verified.
upvoted 5 times
...
Casticod
1 year, 7 months ago
Selected Answer: B
From the first reading, I think that the local active directory has the UP added, since the user logs in locally with Fabrikam.com I can add the domain Fabrikam.com to Entra admin center. What happens is that the question does not make it clear if the domain configuration is completed. If this step is not taken, when you synchronize and check, it will assign the domain onmicrosoft.com and not Fabrikam.com, the answer is NO
upvoted 5 times
...
letters1234
1 year, 8 months ago
Selected Answer: B
Wouldnt this be no, due to there being no federation between the two domains, yes someone could sign in, however there is no notes around the domain being verified or any other setup that would also be required to allow federated sign in. The previous question, where they basically create a user called User2 in the existing domain and ask them to sign in is the most likely if there is a single correct answer. This question feels like only part of the story.
upvoted 2 times
NrdAlrt
1 year, 5 months ago
It's stated both users exist in the domain which means frabikam.com is a UPN in the contoso.com domain, not a separate forest. The only gotcha is they don't mention the very critical step of verifying the domain. Adding it won't necessarily enable this person to sign-on unless there's an assumption the domain is verified as part of the process of adding it. I'm leaning towards A on this one as I feel that's a safe assumption at the level of detail this scenario provides.
upvoted 5 times
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago