ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam SC-300 All Questions

View all questions & answers for the SC-300 exam
Go to Exam

Exam SC-300 topic 1 question 37 discussion

Actual exam question from Microsoft's SC-300
Question #: 37
Topic #: 1
[All SC-300 Questions]

You have an Azure Active Directory (Azure AD) tenant that contains the users shown in the following table.



You have an administrative unit named Au1. Group1, User2, and User3 are members of Au1.

User5 is assigned the User administrator role for Au1.

For which users can User5 reset passwords?

  • A. User1, User2, and User3
  • B. User1 and User2 only
  • C. User3 and User4 only
  • D. User2 and User3 only
Show Suggested Answer Hide Answer
Suggested Answer: D 🗳️
by divyakanth at Jan. 17, 2023, 7:51 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Halwagy
Highly Voted 2 years, 6 months ago
Selected Answer: D
Adding a group to an administrative unit brings the group itself into the management scope of the administrative unit, but not the members of the group. In other words, an administrator scoped to the administrative unit can manage properties of the group, such as group name or membership, but they cannot manage properties of the users or devices within that group (unless those users and devices are separately added as members of the administrative unit). https://learn.microsoft.com/en-us/azure/active-directory/roles/administrative-units
upvoted 40 times
...
CloudRat
Highly Voted 2 years, 6 months ago
D. Is the correct answer. The User administrative role assigned, will only grant permission to reset passwords for Directly assigned members to the AU. Members of Groups, which is assigned to the AU, is not affected by this. Tested this in Own Environment just to be sure :)
upvoted 7 times
...
test123123
Most Recent 7 months, 1 week ago
Selected Answer: D
D. User2 and User3 only. When you add a group to an administrative unit, only the group itself is brought into the management scope of the administrative unit, not the individual members of the group
upvoted 3 times
...
Labelfree
9 months, 1 week ago
Funny, Co-pilot got this wrong until you copy community notes from here and ask, so is everyone wrong here? it then Agrees with D suddenly. Prior to that it answers A is correct. Here's what it originally output that is 'incorrect' - In Azure Active Directory (Azure AD), a User administrator assigned to an administrative unit (AU) can manage users within that AU. Given the details: AU1 includes Group1, User2, and User3. User5 is the User administrator for AU1. User5 can reset passwords for: User2 (direct member of AU1) User3 (direct member of AU1) User1 (indirect member via Group1, which is part of AU1) User5 cannot reset passwords for User4 and User5, as they are not part of AU1.
upvoted 2 times
...
PrismaConsultores
9 months, 2 weeks ago
Selected Answer: D
Respuesta correcta D
upvoted 1 times
...
Futfuyfyjfj
1 year, 2 months ago
Selected Answer: D
Assigning groups to an Administrative Unit only assigns/gives permissions to those groups, not to the members of those groups
upvoted 2 times
...
cyberchef192
1 year, 5 months ago
Obvious, you cant change password of a group only users, duuuuh!
upvoted 3 times
...
haazybanj
1 year, 9 months ago
Why is User1 not included?
upvoted 2 times
Nyamnyam
1 year, 9 months ago
Because of what Halwagy has quoted and referenced above ;)
upvoted 2 times
...
...
EmnCours
1 year, 12 months ago
Selected Answer: D
User2 and User3 only
upvoted 2 times
...
Husterix
2 years, 1 month ago
Selected Answer: D
D is the correct answer: the admin role only works on directly added members to the AU.
upvoted 5 times
...
dule27
2 years, 2 months ago
Selected Answer: D
User2 and User3 only
upvoted 2 times
...
ShoaibPKDXB
2 years, 3 months ago
Selected Answer: D
D is correct
upvoted 1 times
...
oscarpopi
2 years, 6 months ago
Selected Answer: D
https://learn.microsoft.com/en-us/azure/active-directory/enterprise-users/groups-dynamic-membership#operator-precedence
upvoted 1 times
...
divyakanth
2 years, 6 months ago
can i say that AU is alos a Group and since addidng a group in to an existing group will not make the root users a set of the master group(nested group). and hence the user1 will n ot be added and the other users were directly added and so the admin can act on them
upvoted 1 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel