ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-100 All Questions

View all questions & answers for the MS-100 exam
Go to Exam

Exam MS-100 topic 1 question 25 discussion

Actual exam question from Microsoft's MS-100
Question #: 25
Topic #: 1
[All MS-100 Questions]

Your company has acquired Microsoft 365 for their Active Directory domain, which includes five domain controllers.
Prior to implementing a number of Microsoft 365 services, you are tasked with making use of an authentication solution that allows users to access Microsoft 365 by using their on-premises credentials. The solution should also only make use of the current server infrastructure. Furthermore, must allow for all user passwords to only be stored on-premises, and be highly available.
Solution: You configure the use of pass-through authentication only.
Does the solution meet the goal?

  • A. Yes
  • B. No
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
by miul84 at July 9, 2021, 12:39 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Stiobhan
Highly Voted 3 years, 7 months ago
Selected Answer: A
100% A. No need for links, do your own research and figure it out. PTA is the only solution here!!!
upvoted 13 times
Durden871
3 years, 4 months ago
It mentions that you are configuring the use of PTA, which you would do through Directory Sync. It just says you do this, "only". You still need to install two more authentication agents which I don't see anywhere else in this question. The question is asking, how do you do this and provide HA. The solution specifically says, "only enable PTA". I said A, but I think now it's B.
upvoted 3 times
...
...
fofo1960
Highly Voted 3 years, 8 months ago
I think its A, HA is also can be done by installing multiple PTA, in my org, I have three.
upvoted 6 times
bake73
3 years, 5 months ago
The question is not if it's feasible. Yes HA is possible but in the question it is not stated if you install agents, only PTA. So HA not met. Never assume more than the question in Microsoft exams.
upvoted 1 times
bake73
3 years, 5 months ago
Edit; and the minimum agent for PTA is 1 sooo.... no HA
upvoted 1 times
Paolo2022
2 years, 7 months ago
Well, the suggested answer doesn't mention agents - so how do you know that any agents are installed? ;-) It might be 1 or 2 or 3, it doesn't say... So I think your argument doesn't hold here.
upvoted 2 times
...
...
...
...
DaDaDave
Most Recent 1 year, 11 months ago
Selected Answer: B
Pass Through is PART of the solution, but HA is needed to achieve goal but not states as implemented
upvoted 1 times
...
BigStan82
2 years, 3 months ago
Selected Answer: A
100% A
upvoted 1 times
...
Feyenoord
2 years, 4 months ago
Selected Answer: B
100% B while PTA is indeed correct you still need to install at least 2 agents. Since they talk about enabling PTA only it is not enough!
upvoted 1 times
...
DeLoc
2 years, 4 months ago
Selected Answer: A
Yes, the solution of using pass-through authentication only meets all the requirements of the task, including allowing users to access Microsoft 365 with their on-premises credentials, storing all user passwords on-premises, and providing high availability for authentication.
upvoted 1 times
...
Nussi1108
2 years, 4 months ago
Selected Answer: A
Ja, die Verwendung der Pass-Through-Authentifizierung kann die Ziele erfüllen. Die Pass-Through-Authentifizierung ermöglicht es Benutzern, sich mit ihren lokalen Anmeldeinformationen bei Microsoft 365 anzumelden, indem sie ihre Anmeldeinformationen an den lokalen Domänencontroller weiterleiten. Die Kennwörter werden nur lokal gespeichert und die aktuelle Serverinfrastruktur wird genutzt, um eine hohe Verfügbarkeit zu gewährleisten.
upvoted 1 times
...
Don123
2 years, 5 months ago
A. Yes, the solution of configuring pass-through authentication meets the goal of allowing users to access Microsoft 365 by using their on-premises credentials, utilizing the current server infrastructure, and ensuring that all user passwords are stored on-premises and highly available. Pass-through authentication allows for on-premises Active Directory credentials to be verified directly against the on-premises Active Directory, rather than syncing the credentials to Azure Active Directory. This way, it meets the requirement of storing the passwords on-premises and being highly available.
upvoted 1 times
...
hubran
2 years, 5 months ago
Selected Answer: B
Consider the wording here. They say: "You configure PTA ONLY". This means by just enabling PTA without doing anything else, high availability won't be reached
upvoted 2 times
...
gbartumeu
2 years, 5 months ago
Selected Answer: B
Not only PTA but PTA with password hash
upvoted 2 times
...
urbanmonk
2 years, 8 months ago
If we consider high availability which the question emphazises, PTA only does not meet this requirement. So the answer is correct - NO "If you plan to deploy Pass-through Authentication in a production environment, you should install additional standalone Authentication Agents. Install these Authentication Agent(s) on server(s) other than the one running Azure AD Connect. This setup provides you with high availability for user sign-in requests." https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta-quick-start#step-4-ensure-high-availability
upvoted 1 times
...
gdunlop
2 years, 9 months ago
This is just a bad question - PTA should be the answer, but the question is too vague
upvoted 2 times
...
Mea988
3 years, 4 months ago
Selected Answer: A
Can become HA by installing agents. You have five DCs, so no worries. PTA is fine
upvoted 1 times
...
joergsi
3 years, 4 months ago
Selected Answer: B
B => Without Azure AD Password Protection proxy servers no HA!
upvoted 2 times
alex_p
3 years, 3 months ago
So, you say that without Password Protection proxy agents installed - the passwords on five DCs on prem are not higly available!? :)
upvoted 1 times
...
...
joergsi
3 years, 5 months ago
The answer should be YES, the requirements are: - passwords are not stored in the cloud, only on-prem This can only be achieved with path-through: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-pta
upvoted 2 times
joergsi
3 years, 4 months ago
Changed my mind, it's B: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-deploy High availability considerations The main concern for password protection is the availability of Azure AD Password Protection proxy servers when the DCs in a forest try to download new policies or other data from Azure. Each Azure AD Password Protection DC agent uses a simple round-robin-style algorithm when deciding which proxy server to call. The agent skips proxy servers that aren't responding. => Without Azure AD Password Protection proxy servers no HA!
upvoted 1 times
...
...
jill44
3 years, 5 months ago
You configure the use of pass-through authentication only? Needs SSO! B is correct.
upvoted 1 times
...
Davidchercm
3 years, 5 months ago
i would choose no as no sso
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel