READ Free Dumps For Microsoft- 70-346
| Question ID 13941 | Contoso Ltd has an Office 365 Tenant. The company plans to implement single sign-on
(SSO). You install Active Directory Federation Services.
You need to enable the use of SSO.
How should you complete the relevant Windows PowerShell commands? To answer
select the appropriate Windows PowerShell segment from each list in the answer area.
|
| Option A | 
|
| Correct Answer | A |
Explanation
| Question ID 13942 | Contoso, Ltd., has an Office 365 tenant. You configure Office 365 to use the domain
contoso.com, and you verify the domain. You deploy and configure Active Directory
Federation Services (AD FS) and Active Directory Synchronization Services (AAD Sync)
with password synchronization. You connect to Azure Active Directory by using a Remote
PowerShell session.
You need to switch from using password-synced passwords to using AD FS on the Office
365 verified domain.
Which Windows PowerShell command should you run?
|
| Option A | Convert-MsolDomainToFederated –DomainName contoso.com
|
| Option B | Convert-MsolDomainToStandard –DomainName contoso.com
|
| Option C | Convert-MsolFederatedUser
|
| Option D | Set-MsolDomainAuthentication –DomainName contoso.com
|
| Correct Answer | A |
Explanation Explanation: The Convert-MSOLDomainToFederated cmdlet converts the specified domain from standard authentication to single sign-on (also known as identity federation), including configuring the relying party trust settings between the Active Directory Federation Services (AD FS) server and the Microsoft Online Services. As part of converting a domain from standard authentication to single sign-on, each user must also be converted. This conversion happens automatically the next time a user signs in; no action is required by the administrator. Incorrect: Not B: This is the opposite to what is required. The Convert-MsolDomainToStandard cmdlet converts the specified domain from single sign-on (also known as identity federation) to standard authentication. This process also removes the relying party trust settings in the AD FS server and online service. After the conversion, this cmdlet will convert all existing users from single sign-on to standard authentication. Not C: The Convert-MsolFederatedUser cmdlet is used to update a user in a domain that was recently converted from single sign-on (also known as identity federation) to standard authentication type. A new password must be provided for the user. Not D: The Set-MsolDomainAuthentication cmdlet is used to change the domain authentication between standard identity and single-sign on. This cmdlet will only update the settings in Microsoft Online Services; typically the Convert-MsolDomainToStandard or Convert-MsolDomainToFederated should be used instead. Reference: Convert-MsolDomainToFederated https://msdn.microsoft.com/en-us/library/azure/dn194092.aspx