Which two permission levels should you assign to the account for each task?

HOTSPOT
A company plans to synchronize users in an existing Active Directory organizational unit with Office
365.
You must configure the Azure Active Directory Synchronization (AAD Sync) tool with password sync.
You need to ensure that the service account has the minimum level of permissions required.
Which two permission levels should you assign to the account for each task? To answer, select the
appropriate permission level from each list in the answer area.

HOTSPOT
A company plans to synchronize users in an existing Active Directory organizational unit with Office
365.
You must configure the Azure Active Directory Synchronization (AAD Sync) tool with password sync.
You need to ensure that the service account has the minimum level of permissions required.
Which two permission levels should you assign to the account for each task? To answer, select the
appropriate permission level from each list in the answer area.

Answer:

Explanation:
* Password Write-Back
For each forest you have configured in Azure AD Sync, the account you have specified for a forest in
the wizard must be given the “Reset-Password” and “Change Password” extended rights on the root
object of each domain in the forest.
* Permissions for password synchronization

If you want to enable password synchronization between your on-premises AD DS and your Azure
Active Directory for your users, you need to grant the following permissions to the account that is
used by Azure AD Sync to connect to your AD DS:
Replicating Directory Changes
Replicating Directory Changes All

Install the Azure Active Directory Sync Service
https://msdn.microsoft.com/en-us/library/azure/dn757602.aspx

Show Hint

Leave a Reply 3

Your email address will not be published. Required fields are marked *

gvk

gvk

Yes, the above link provided proves it is correct.

Reply