ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-102 All Questions

View all questions & answers for the MD-102 exam
Go to Exam

Exam MD-102 topic 1 question 171 discussion

Actual exam question from Microsoft's MD-102
Question #: 171
Topic #: 1
[All MD-102 Questions]

HOTSPOT
-

Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure AD tenant.

You have a Microsoft 365 subscription.

You plan to use Windows Autopilot to deploy new Windows devices.

You plan to create a deployment profile.

You need to ensure that the deployment meets the following requirements:

• Devices must be joined to AD DS regardless of their current working location.
• Users in the marketing department must have a line-of-business (LOB) app installed during the deployment.

The solution must minimize administrative effort.

What should you do for each requirement? To answer, select the appropriate options in the answer area.

NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by VirtualJP at Oct. 17, 2023, 12:21 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
yhano
Highly Voted 8 months, 4 weeks ago
Install the Intune Connector for Active Directory: This ensures that devices can join your on-premises AD DS domain during the Autopilot deployment process, regardless of their location. Modify the Autopilot deployment profile: Within the Autopilot deployment profile, you can specify that the LOB app should be installed. This involves creating an app deployment in Intune and assigning it to the marketing department's user group. By doing this, the app will be automatically installed on their devices during the Autopilot deployment.
upvoted 7 times
Tr619899
8 months, 2 weeks ago
Devices must be joined to AD DS regardless of their current working location: Install the Intune connector for Active Directory. - To enable Windows Autopilot to join devices to an on-premises Active Directory (AD DS), you need the Intune connector for Active Directory. This connector acts as a bridge between Intune and AD DS, allowing devices to be Hybrid Azure AD joined (joined to both Azure AD and AD DS) regardless of the device's location. The marketing department users must have an LOB app installed during the deployment: Create a Microsoft Intune app deployment. - To install an LOB app for a specific group, you should create an Intune app deployment. Intune allows you to target app deployment to specific user groups (e.g., the marketing department) during Autopilot provisioning. This approach ensures that the app is deployed as part of the provisioning process with minimal administrative overhead.
upvoted 2 times
...
...
martinods
Most Recent 9 months, 3 weeks ago
The Intune Connector for Active Directory (ONLY) creates autopilot-enrolled computers in the on-premises Active Directory domain. (https://learn.microsoft.com/en-us/autopilot/windows-autopilot-hybrid) to complete the join you need a connection
upvoted 2 times
...
Bart_Hofstede
11 months, 1 week ago
Install the Intune connector for Active Directory. Create a Microsoft intune app deployment. VPN can be created after hybrid join.
upvoted 4 times
...
Prasis
1 year, 1 month ago
To meet the requirements for your Windows Autopilot deployment, you should configure the following: Devices must be joined to AD DS regardless of their current working location: Install the Intune connector for Active Directory: This allows devices to be joined to the on-premises AD DS during the Autopilot deployment process. Users in the marketing department must have a line-of-business (LOB) app installed during the deployment: Create a Microsoft Intune app deployment: This ensures that the LOB app is installed on the devices during the Autopilot deployment.
upvoted 1 times
...
chafe
1 year, 1 month ago
Question 1 is tricky - Intune connector can hybrid join, the device will be pending join to ADDS until it gets LoS to the DC but you can setup the VPN through autopilot to allow this to happen. Always on VPN will also allow enrollment from anywhere using hybrid join in autopilot and can be automated through autopilot with the correct infrastructure. Horrible horrible question, I hope the exam has more clarity
upvoted 1 times
chafe
1 year, 1 month ago
Finally came down in favor of always on VPN as connector will only work for hybrid join so if you have use cases where you only want to join ADDS then always on VPN is the only solution.
upvoted 3 times
...
...
Cheban
1 year, 4 months ago
The answers are : 1 - install the Intune connector and 2 - Modify the autopilot profile.
upvoted 4 times
...
mw612
1 year, 5 months ago
silly question. nowhere does it say that the intune connector for AD is installed. just because the domain is syncing to your tenant doesn't mean the connector is installed. that means entra connect is setup. thus, first answer should be setup intune connector second answer seems correct.
upvoted 1 times
...
MR_Eliot
1 year, 5 months ago
First question: - install the Intune connector activate Directory - modify autopilot configuraion: - Skip domain check: trure - Join Type: Hybrid Second answer: - create a Microsoft Intune App deployment
upvoted 3 times
...
St_Ives
1 year, 6 months ago
"1-You plan to use Windows Autopilot to deploy new Windows devices. 2- You plan to create a deployment profile." So, not modify existing autopilot, but make a new (hybrid domain joined) AutoPilot profile. To be able to make domain member via Hybrid Doma Join Autoilot, a connector must be setup. The question does not say anything about location of deployment, only working (after deployment) location and domain joined.... - install the Intune connector activate Directory - create a Microsoft Intune App deployment
upvoted 1 times
ckmay
1 year, 6 months ago
because the question says "Your network contains an on-premises Active Directory Domain Services (AD DS) domain that syncs with an Azure AD tenant.", that implies that the intune connector is already setup. Also it says that you PLAN to use autopilot and you PLAN to create a deploy profile suggesting these steps are not yet complete. based on that context, modifying a deployment profile doesnt make sense since you have not yet created one. seems like deploy the always on vpn makes the most sense because that would satisfy the first requirement to ensure the devices could be joined to AD DS. not sure how any other answer of the 4 choices could satisfy this requirement. Creating a deployment profile to skid AD connectivity check would not join it to the AD DS.
upvoted 7 times
...
...
NoursBear
1 year, 7 months ago
Well if the Intune Connector is already installed, then the reason the VPN choice wins is because of this key statement "Devices must be joined to AD DS regardless of their current working location." from anywhere, could be home
upvoted 3 times
NoursBear
1 year, 6 months ago
furthermore, is this not a mistake Devices must be joined to AD DS regardless of their current working location. they must mean Azure Hybrid join
upvoted 1 times
...
...
Amir1909
1 year, 7 months ago
- install the Intune connector activate Directory - create a Microsoft Intune App deployment
upvoted 3 times
...
sbermejor
1 year, 7 months ago
1- Modify autopilot deployment profile https://learn.microsoft.com/en-us/autopilot/windows-autopilot-hybrid "When using BYO VPNs, you should select Yes for the Skip AD connectivity check option in the Windows Autopilot deployment profile. Always-On VPNs shouldn't require this option since it connects automatically." https://techcommunity.microsoft.com/t5/microsoft-intune/hybrid-join-skip-ad-connectivity-check/m-p/1483065 2- Create a Microsoft Intune app deployment.
upvoted 2 times
...
belyo
1 year, 7 months ago
so its modify the autopilot deployment profile [you can chose to join ad option] & intune app deployment
upvoted 1 times
...
yosry
1 year, 8 months ago
SEEMS CORRECT
upvoted 1 times
...
rhylos
1 year, 9 months ago
You must install the Intune Connector for AD for hybrid join , the VPN choice doesnt make sense, there is no mention about VPN in the qn, How do I join Autopilot devices to hybrid ad? How to join Autopilot devices to Hybrid AD Intune Autopilot Hybrid AD joined Requirements. High-level steps. Delegate Active Directory rights. Install and configure the Intune Connector. Configure Autopilot profile for Intune Hybrid AD joined. Create Domain Join configuration profile. Testing the Intune Hybrid AD joined.
upvoted 3 times
Kiookr
1 year, 8 months ago
If you look at the first sentence at the end say "that syncs with an Azure AD tenant." I'm assuming is already connected using "Intune connector" .. let me know
upvoted 4 times
...
...
h38jhd38k
1 year, 9 months ago
https://learn.microsoft.com/en-us/mem/intune/apps/lob-apps-windows
upvoted 1 times
...
VirtualJP
1 year, 10 months ago
Agreed
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel