Maintain user profiles - Configure Enterprise State Roaming in Azure Flashcards
What does enabling Enterprise State Roaming provide to an organization?
A free, limited-use license for Azure Rights Management protection from Azure Information Protection
This license is automatically granted upon enabling Enterprise State Roaming.
What is the limitation of the free subscription granted by Enterprise State Roaming?
It is limited to encrypting and decrypting enterprise settings and application data synced by Enterprise State Roaming
This means that the free subscription does not cover all functionalities of Azure Rights Management.
What is required to use the full capabilities of the Azure Rights Management service?
A paid subscription
3 steps
How to enable Enterprise State Roaming ?
Step 1 : Sign in to the Azure portal.
Step 2 : Select Microsoft Entra ID > Devices > Enterprise State Roaming.
Step 3 : Select either All or Selected next to Users may sync settings and app data across devices.
What identity is mandatory for a Windows device to use the Enterprise State Roaming service?
Microsoft Entra identity
This identity is used for authentication on devices joined to Microsoft Entra ID.
What must an IT admin do for devices using on-premises Active Directory?
Configure Microsoft Entra hybrid joined devices
This ensures proper integration with Microsoft Entra.
What types of Windows settings are included in the data that roams?
Windows settings: the PC settings that are built into the Windows operating system.
* Theme
* Internet Explorer settings
* Passwords
* Language preferences
* Ease of access features
* Other Windows settings
These settings help personalize the user experience on Windows devices.
What are examples of settings included under ‘Theme’?
- Desktop theme
- Taskbar settings
These settings allow users to customize the visual appearance of their Windows environment.
What types of passwords are included in the roaming data?
- Internet passwords
- Wi-Fi profiles
These passwords are synchronized across devices for easier access.
What does ‘Application data’ refer to in the context of Enterprise State Roaming?
Settings data written by Universal Windows apps to a roaming folder
Apps must be designed by developers to utilize this capability.
Where is Enterprise State Roaming data hosted?
One or more Azure regions
The hosting aligns with the country/region value set in the Microsoft Entra instance.
How is Enterprise State Roaming data partitioned geographically (the 3 major regions)?
- North America
- EMEA
- APAC
Data is stored locally within the relevant geographical region.
Can the country/region value be modified after the Microsoft Entra directory creation process?
No
This value is fixed once the directory is created.
What are the 5 steps to view a per-user device sync status report ?
- Sign in to the Azure portal.
2 . Select Microsoft Entra ID > Users > All users. - Select the user, and then select Devices.
- Under Show, select Devices syncing settings and app data to show sync status.
- If there are devices syncing for this user, you see the devices shown here.
What is the retention policy for data synced to the Microsoft cloud using Enterprise State Roaming?
Data is retained until manually deleted or determined to be stale
Stale data is defined as data that hasn’t been accessed for one year.
What is explicit deletion in the context of Azure?
Explicit deletion occurs when an Azure admin deletes a user, a directory, or requests data deletion
This includes user deletion, directory deletion, and on request deletion.
What happens to user roaming data when a user is deleted in Microsoft Entra ID?
The user roaming data is deleted after 90 to 180 days
This is a part of the explicit deletion process.
What is the outcome of deleting an entire directory in Microsoft Entra ID?
All settings data associated with that directory is deleted after 90 to 180 days
This is an immediate operation.
How can an Azure admin manually delete a specific user’s data?
The admin can file a ticket with Azure support
This is referred to as on request deletion.
What constitutes stale data in Microsoft cloud services?
Data that hasn’t been accessed for one year
The retention period for stale data won’t be less than 90 days.
What happens if no devices access a particular settings collection?
For example, when an application is removed or a settings group is disabled for all of a user’s devices.
The collection becomes stale after the retention period and may be deleted
What occurs if a user turns off settings sync on all devices?
All settings data for that user will become stale and may be deleted after the retention period
This highlights the importance of active device access for data retention.
What happens if the Microsoft Entra directory admin turns off Enterprise State Roaming?
All users in that directory will stop syncing settings, and all settings data will become stale and may be deleted
This action affects all users within the directory.
Is the data retention policy configurable in Microsoft cloud services, once data is permanently deleted?
No, the data retention policy isn’t configurable
Once data is permanently deleted, it’s not recoverable.
What happens to settings data after it is deleted from the Microsoft cloud?
It is deleted only from the cloud, not from the end-user device
If any device reconnects to the service, settings are synced again.
Data synced to the Microsoft cloud using Enterprise State Roaming that hasn’t been accessed for one year may be deleted from the Microsoft cloud. What are the three methods that can explicitly delete data?
1. User Deletion, Directory Deletion, Removal Deletion
2. User Deletion, Directory Deletion, and On-Request Deletion
3. User Deletion, Setting Deletion, On-Request Deletion
User Deletion, Directory Deletion, and On-Request Deletion
