Implementing Identity Synchronization with Azure AD Connect Flashcards

1
Q

What are the domain requirements for Azure AD Connect?

A

The forest functional level must be Windows Server 2008 or higher. Three accounts are needed: a local admin, a Microsoft 365 global admin, and an on-premises AD enterprise admin.

2
Q

What are the domain object requirements for Azure AD Connect?

A

Remove duplicate proxy addresses and email addresses. Eliminate questionable characters in fields like displayName, givenName, surname, sAMAccountName, and userPrincipalName. Users must have a UPN that matches the Azure domain.

3
Q

What is the purpose of the IdFix tool in Azure AD Connect?

A

It identifies and fixes issues in on-premises AD accounts before syncing with Azure AD. It runs on Windows 7 or higher and requires access to read/write AD objects.

4
Q

What is the master for making changes and edits to synced identities?

A

The on-prem AD structure.

5
Q

What happens when an object is deleted on-prem?

A

It is soft deleted in Azure AD and can be restored within 30 days.

6
Q

How can deleted objects be restored in Azure AD?

A

By enabling the AD Recycle Bin on the on-prem AD structure and waiting for the next sync cycle.

7
Q

How are changes synchronized to Azure AD?

A

Through Azure AD Connect.

8
Q

What is cloud-only authentication in Azure AD Connect?

A

It synchronizes the user account between on-premises and the cloud, but the password remains separate, requiring separate authentication.

9
Q

How does password hash sync work in Azure AD Connect?

A

The hash of the on-premises password is synchronized to Azure AD, allowing for a single sign-on experience with the same password across both environments.

10
Q

What is pass-through authentication in Azure AD Connect?

A

It involves installing a small agent on the AD Connect server to act as a bridge for authentication requests between on-premises and Azure AD, providing high availability without requiring manual updates.

11
Q

What is ADFS (Active Directory Federation Services) in Azure AD Connect?

A

It passes authentication off to on-premises domain controllers through configured servers, relying on on-premises resources and requiring resilience for authentication to the cloud.
