ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 5 question 33 discussion

Actual exam question from Microsoft's AZ-500
Question #: 33
Topic #: 5
[All AZ-500 Questions]

DRAG DROP -
Your network contains an on-premises Active Directory domain named contoso.com. The domain contains a user named User1.
You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains an Azure Storage account named storage1. Storage1 contains an Azure file share named share1.
Currently, the domain and the tenant are not integrated.
You need to ensure that User1 can access share1 by using his domain credentials.
Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.
Select and Place:

Show Suggested Answer Hide Answer
Suggested Answer:
Reference:
https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-enable
by macco455 at March 30, 2021, 8:22 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
macco455
Highly Voted 4 years, 3 months ago
Looks good to me
upvoted 17 times
...
zellck
Highly Voted 2 years, 2 months ago
1. Implement Azure AD Connect 2. Enable an AD source for Azure File shares 3. Assign share-level permissions for share1 https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-enable#prerequisites Enabling AD DS authentication for your Azure file shares allows you to authenticate to your Azure file shares with your on-premises AD DS credentials. Further, it allows you to better manage your permissions to allow granular access control. Doing this requires synching identities from on-premises AD DS to Azure AD using either the on-premises Azure AD Connect sync application or Azure AD Connect cloud sync, a lightweight agent that can be installed from the Azure Active Directory Admin Center. You assign share-level permissions to hybrid identities synced to Azure AD while managing file/directory-level access using Windows ACLs.
upvoted 7 times
zellck
2 years, 1 month ago
Gotten this in May 2023 exam.
upvoted 2 times
...
zellck
2 years, 2 months ago
Follow these steps to set up Azure Files for AD DS authentication: - Enable AD DS authentication on your storage account - Assign share-level permissions to the Azure AD identity (a user, group, or service principal) that is in sync with the target AD identity - Configure Windows ACLs over SMB for directories and files - Mount an Azure file share to a VM joined to your AD DS - Update the password of your storage account identity in AD DS
upvoted 1 times
...
...
saira23
Most Recent 11 months, 2 weeks ago
In Exam20/07/2024
upvoted 3 times
...
JaridB
1 year, 1 month ago
Provided solution is correct: 1. Implement Azure AD Connect: This is the foundation. Azure AD Connect synchronizes your on-premises Active Directory (contoso.com) with your Azure AD tenant of the same name. This ensures User1's identity exists in Azure AD. 2. Enable Active Directory Domain Services authentication to storage1: Once the user's on-premises identity is represented in Azure AD, you need to enable storage1 to use this authentication method. This allows Azure storage to recognize and authenticate User1's domain credentials. 3. Assign share-level permissions for share1: Finally, you grant specific access rights to User1 on the Azure file share (share1). This determines what actions User1 can perform within the share.
upvoted 2 times
...
zellck
2 years, 2 months ago
Same as Question 67. https://www.examtopics.com/discussions/microsoft/view/95827-exam-az-500-topic-5-question-67-discussion
upvoted 5 times
...
majstor86
2 years, 4 months ago
1. Implement Azure AD Connect 2. Enable AD DS authentication on storage1 3. Assign share-level permissions for Share1
upvoted 6 times
...
acexyz
3 years ago
# IN EXAM - 30/6/2022
upvoted 1 times
...
alou333
3 years ago
# IN EXAM - 3rd june 2022 (online). Lot of new questions. Good luck !
upvoted 4 times
...
Payday123
3 years, 4 months ago
This is correct. For shure
upvoted 2 times
Ajdlfasudfo0
2 years, 6 months ago
well, if it is correct for shure, I guess we gotta go with it
upvoted 2 times
...
...
cfsxtuv33
3 years, 5 months ago
Looks good from my house.
upvoted 4 times
...
JosipBroz
3 years, 6 months ago
correct answer : https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-assign-permissions?tabs=azure-portal
upvoted 1 times
...
ad7399
3 years, 7 months ago
If you go by this Microsoft video then ad connect is unnecessary. https://www.youtube.com/watch?v=jd49W33DxkQ&ab_channel=MicrosoftAzure
upvoted 1 times
...
Bjarki2330
3 years, 11 months ago
Believe this is correct. Referring to this article: https://docs.microsoft.com/en-us/azure/storage/files/storage-files-active-directory-overview#how-it-works
upvoted 1 times
...
hendry781
4 years, 3 months ago
wrong. answer to (2) should be create a private link to storage1
upvoted 1 times
OhBee
4 years, 2 months ago
The answer is correct. Ref: https://docs.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-domain-service-enable?tabs=azure-portal
upvoted 15 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel