ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 4 question 26 discussion

Actual exam question from Microsoft's AZ-500
Question #: 26
Topic #: 4
[All AZ-500 Questions]

HOTSPOT -
You have an Azure Active Directory (Azure AD) tenant named contoso.com that contains the users shown in the following table.

Contoso.com contains a group naming policy. The policy has a custom blocked word list rule that includes the word Contoso.
Which users can create a group named Contoso Sales in contoso.com? To answer, select the appropriate options in the answer area.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-naming-policy
by Roger_Smurf at June 30, 2021, 4:56 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Roger_Smurf
Highly Voted 3 years, 11 months ago
1) Admin1,2,3 because policy naming blocks only apply to O365 2) Admin 1,3 because Global Admin and User Admin are exempt. https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-naming-policy
upvoted 49 times
Socgen1
3 years, 9 months ago
1) Does that mean that they all can create the security groups?
upvoted 2 times
sugiats
3 years, 3 months ago
yessssss
upvoted 1 times
...
...
...
Lyonel
Highly Voted 3 years, 11 months ago
Explanation provided in the link shows the answer provided is CORRECT: Some administrator roles are exempted from these policies, across all group workloads and endpoints, so that they can create groups using blocked words and with their own naming conventions. The following administrator roles are exempted from the group naming policy: Global Administrator User Administrator https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-naming-policy
upvoted 15 times
rockyykrish
3 years, 9 months ago
Group policy is apply only to the O365. When group naming policy is configured, the policy will be applied to new Microsoft 365 groups created by end users. Naming policy does not apply to certain directory roles, such as Global Administrator or User Administrator (please see below for the complete list of roles exempted from group naming policy). For existing Microsoft 365 groups, the policy will not immediately apply at the time of configuration. Once group owner edits the group name for these groups, naming policy will be enforced, even if no changes are made.
upvoted 1 times
...
...
JaridB
Most Recent 11 months ago
Given answers are correct: Some administrator roles are exempted from these policies, across all group workloads and endpoints, so that they can create groups by using blocked words and with their own naming conventions. The following administrator roles are exempted from the group naming policy: Global Administrator User Administrator Explicitly state here: https://learn.microsoft.com/en-us/entra/identity/users/groups-naming-policy
upvoted 1 times
JaridB
11 months ago
same for Office 365 When a group naming policy is configured, the policy is applied to new Microsoft 365 groups created by users. A naming policy doesn't apply to certain directory roles, such as Global Administrator or User Administrator. (For the complete list of roles exempted from a group naming policy, see the "Roles and permissions" section.) For existing Microsoft 365 groups, the policy isn't immediately applied at the time of configuration. After a group owner edits the group name for these groups, the naming policy is enforced even if no changes are made. See link for proof: https://learn.microsoft.com/en-us/entra/identity/users/groups-naming-policy
upvoted 1 times
...
...
wardy1983
1 year, 7 months ago
1) Admin1,2,3 because policy naming blocks only apply to O365 2) Admin 1,3 because Global Admin and User Admin are exempt.
upvoted 2 times
...
heatfan900
1 year, 9 months ago
FROM MICROSOFT: When group naming policy is configured, the policy will be applied to new Microsoft 365 groups created by end users. Naming policy does not apply to certain directory roles, such as Global Administrator or User Administrator
upvoted 4 times
...
Self_Study
1 year, 10 months ago
On an exam on 7/8/23
upvoted 4 times
...
Metwally
2 years ago
Test on Lab Three Admin 1,2&3 can create Security Group. Admin 1 , 3 only can create M365 Group
upvoted 4 times
...
majstor86
2 years, 3 months ago
1. admin1, admin2, admin3 2. admin1, admin3
upvoted 4 times
...
Muaamar_Alsayyad
2 years, 7 months ago
Given Answer is correct
upvoted 1 times
Muaamar_Alsayyad
2 years, 7 months ago
Sorry my bad, 1- admin1, admin2, admin3 ( naming policy only apply to 365 groups 2- admin1, admin3 ( only global admin and user admin) are exempted from the naming policy
upvoted 5 times
...
...
satpan
3 years, 2 months ago
https://docs.microsoft.com/en-us/microsoft-365/admin/create-groups/office-365-groups?view=o365-worldwide. Only global admins, user admins, and groups admins can create and manage groups in the Microsoft 365 admin center. so for NO. 2 it should be all and also for NO.2 it should be all
upvoted 1 times
satpan
3 years, 2 months ago
correction: Question says "group administrator", it is "Groups Administrator", so group administrator could be a custom role, so i will go with "global administrator and user administrator"
upvoted 2 times
...
...
Eltooth
3 years, 2 months ago
Admin 1, 2 and 3 can create Security group. Admin 1 and 3 is correct for O365 Security Groups. https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-naming-policy#roles-and-permissions
upvoted 1 times
...
jack987
3 years, 2 months ago
The answer is correct. 1) Admin 1 and Admin 3 only 2) Admin 1 and Admin 3 only Even though the policy naming applies only for M365 groups, the Groups Admin Role is designed mainly for Office 365 groups and cannot manage other group types like distribution groups, mail-enabled security groups or shared mailboxes. https://techcommunity.microsoft.com/t5/microsoft-365-groups/introducing-the-groups-admin-role/m-p/978995 The following administrator roles are exempted from the group naming policy: Global Administrator User Administrator https://docs.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-naming-policy
upvoted 1 times
...
Payday123
3 years, 3 months ago
Short: Naming policy only applies to Microsoft 365 groups: "When group naming policy is configured, the policy will be applied to new Microsoft 365 groups created by end users. Naming policy does not apply to certain directory roles, such as Global Administrator or User Administrator"
upvoted 1 times
...
subhuman
3 years, 3 months ago
This is correct!
upvoted 1 times
...
hanyahmed
3 years, 4 months ago
The policy will be applied to new Microsoft 365 groups created by end users. Naming policy does not apply to certain directory roles, such as Global Administrator or User Administrator. 1) Admin1,2,3 2) Admin 1,3
upvoted 2 times
...
Jco
3 years, 8 months ago
#exam ques # 29 Sep
upvoted 1 times
...
kam117
3 years, 8 months ago
## Exam Question - 24 Sept 2021 ##
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel