Note: This question is part of a series of questions that present the same scenario. Each question in the series
contains a unique solution. Determine whether the solution meets the stated goals.
You have an on-premises Active Directory forest.
You deploy Active Directory Federation Services (AD FS) and purchase an Office 365 subscription.
You need to create a trust between the AD FS servers and the Office 365 subscription.
Solution: You run the Convert-MsolDomainToFederated cmdlet.Does this meet the goal?
A.
Yes
B.
No
Explanation:
Each domain that you want to federate must either be added as a single sign-on domain or converted to be a
single sign-on domain from a standard domain. Adding or converting a domain sets up a trust between AD FS
and Microsoft Azure Active Directory (Microsoft Azure AD).
The Convert-MSOLDomainToFederated cmdlet converts the specified domain from standard authentication to
single sign-on (also known as identity federation), including configuring the relying party trust settings between
the Active Directory Federation Services (AD FS) server as part of converting a domain from standard
authentication to single sign-on, each user must also be converted. This conversion happens automatically the
next time a user signs in; no action is required by the administrator.https://msdn.microsoft.com/en-us/library/azure/dn194092(v=azure.98).aspx
https://msdn.microsoft.com/en-us/library/azure/jj205461.aspx