ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-100 All Questions

View all questions & answers for the MS-100 exam
Go to Exam

Exam MS-100 topic 3 question 6 discussion

Actual exam question from Microsoft's MS-100
Question #: 6
Topic #: 3
[All MS-100 Questions]

Your network contains a single Active Directory domain and two Microsoft Azure Active Directory (Azure AD) tenants.
You plan to implement directory synchronization for both Azure AD tenants. Each tenant will contain some of the Active Directory users.
You need to recommend a solution for the planned directory synchronization.
What should you include in the recommendation?

  • A. Deploy two servers that run Azure AD Connect, and then filter the users for each tenant by using attribute-based filtering.
  • B. Deploy one server that runs Azure AD Connect, and then specify two sync groups.
  • C. Deploy one server that runs Azure AD Connect, and then filter the users for each tenant by using attribute-based filtering.
  • D. Deploy one server that runs Azure AD Connect, and then filter the users for each tenant by using domain-based filtering.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by kazaki at June 13, 2020, 8:40 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
[Removed]
Highly Voted 4 years, 11 months ago
Answer: A Explanation There's a 1:1 relationship between an Azure AD Connect sync server and an Azure AD tenant. For each Azure AD tenant, you need one Azure AD Connect sync server installation. Therefore, we need to deploy two servers that run Azure AD Connect for the two Azure AD tenants. Each user account can only be synchronized to one Azure AD tenant. Therefore, we need a way of splitting the users between the two Azure AD tenants. Azure AD Connect offers three ways to filter which users get synchronized to an Azure AD tenant. You can use domain-based filtering if you have multiple domains in a forest, attribute-based filtering or OU-based filtering. Reference: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies#multipleazure- ad-tenan https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sync-configurefiltering
upvoted 27 times
...
STFN2019
Highly Voted 4 years, 11 months ago
A is correct. "There's a 1:1 relationship between an Azure AD Connect sync server and an Azure AD tenant. For each Azure AD tenant, you need one Azure AD Connect sync server installation. The Azure AD tenant instances are isolated by design. That is, users in one tenant can't see users in the other tenant."
upvoted 9 times
...
Meebler
Most Recent 2 years, 3 months ago
A. Deploy two servers that run Azure AD Connect, and then filter the users for each tenant by using attribute-based filtering. This is the recommended solution because Azure AD Connect does not natively support synchronizing to multiple Azure AD tenants from a single Active Directory domain. To achieve the desired synchronization, you will need to deploy two separate Azure AD Connect servers. Each server will be responsible for synchronizing a subset of the users to one of the Azure AD tenants. You can use attribute-based filtering to specify which users will be synchronized to each tenant.
upvoted 1 times
...
Startkabels
2 years, 6 months ago
Selected Answer: A
2 servers
upvoted 2 times
...
Tibo49100
3 years, 2 months ago
Selected Answer: A
You will need to deploy an AADConnect server for every Azure AD tenant you want to synchronize to - one AADConnect server cannot synchronize to more than one Azure AD tenant : https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies#multiple-azure-ad-tenants
upvoted 3 times
...
spg987
3 years, 10 months ago
In exam today
upvoted 2 times
...
Prates_BR
4 years, 1 month ago
Correct. A for sure!
upvoted 2 times
...
FableFa
4 years, 12 months ago
One AD Connect per destination tenant (excepted Staging server) - Answer A correct
upvoted 5 times
...
kazaki
5 years ago
Having multiple Azure AD Connect sync servers connected to the same Azure AD tenant is not supported, except for a staging serve https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-topologies#multiple-azure-ad-tenants So A is definite wrong answer
upvoted 5 times
DavidSapery
5 years ago
But the question says that there are 2 tenants.
upvoted 25 times
lucidgreen
4 years, 3 months ago
It would appear that using 1 AD Connect for multiple tenants is unsupported. A is the only viable option, but in case there are other answers, remember that they must be configured for filtering so that each has a mutually exclusive set of objects to process.
upvoted 5 times
...
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel