ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam AZ-500 All Questions

View all questions & answers for the AZ-500 exam
Go to Exam

Exam AZ-500 topic 5 question 67 discussion

Actual exam question from Microsoft's AZ-500
Question #: 67
Topic #: 5
[All AZ-500 Questions]

DRAG DROP
-

Your network contains an on-premises Active Directory domain named contoso.com. The domain contains a user named User1.

You have an Azure subscription that is linked to an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains an Azure Storage account named storage1. Storage1 contains an Azure file share named share1.

Currently, the domain and the tenant are not integrated.

You need to ensure that User1 can access share1 by using his domain credentials.

Which three actions should you perform in sequence? To answer, move the appropriate actions from the list of actions to the answer area and arrange them in the correct order.

Show Suggested Answer Hide Answer
Suggested Answer:
by Ajdlfasudfo0 at Jan. 18, 2023, 12:28 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
zellck
Highly Voted 1 year ago
1. Implement Azure AD Connect 2. Enable an AD source for Azure File shares 3. Assign share-level permissions for share1 https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-auth-active-directory-enable#prerequisites Enabling AD DS authentication for your Azure file shares allows you to authenticate to your Azure file shares with your on-premises AD DS credentials. Further, it allows you to better manage your permissions to allow granular access control. Doing this requires synching identities from on-premises AD DS to Azure AD using either the on-premises Azure AD Connect sync application or Azure AD Connect cloud sync, a lightweight agent that can be installed from the Azure Active Directory Admin Center. You assign share-level permissions to hybrid identities synced to Azure AD while managing file/directory-level access using Windows ACLs.
upvoted 13 times
zellck
1 year ago
Follow these steps to set up Azure Files for AD DS authentication: - Enable AD DS authentication on your storage account - Assign share-level permissions to the Azure AD identity (a user, group, or service principal) that is in sync with the target AD identity - Configure Windows ACLs over SMB for directories and files - Mount an Azure file share to a VM joined to your AD DS - Update the password of your storage account identity in AD DS
upvoted 1 times
...
...
ESAJRR
Most Recent 7 months, 2 weeks ago
1. Implement Azure AD Connect 2. Enable an AD source for Azure File shares 3. Assign share-level permissions for share1
upvoted 4 times
...
ServerBrain
9 months, 2 weeks ago
Yeah, the given answers are correct. Why would creating a service endpoint or a link be relevant when it's about user1 access
upvoted 1 times
...
majstor86
1 year, 2 months ago
1. Implement Azure AD Connect 2. Enable an AD source for Azure file shares 3. Assign share-level permissions for Share1
upvoted 2 times
majstor86
1 year, 2 months ago
https://learn.microsoft.com/en-us/azure/storage/files/storage-files-identity-ad-ds-assign-permissions?tabs=azure-portal
upvoted 2 times
...
...
chikorita
1 year, 2 months ago
answers seem correct cuz I believe Service endpoint and Privatelink is for connecting azure services securely whereas here in this case, we want hybrid connectivity so the answer makes sense
upvoted 2 times
...
Ajdlfasudfo0
1 year, 3 months ago
seems correct, this question was asked before
upvoted 3 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago