DRAG DROP
Your network contains an Active Directory domain named contoso.com.
You need to ensure that third-party devices can use Workplace Join to access domain
resources on the Internet.
Which four actions should you perform in sequence?
To answer, move the appropriate four actions from the list of actions to the answer area and
arrange them in the correct order.
Answer: See the explanation
Explanation:
Note:
* Checklist: Deploying a Federation Server Farm include:
(Box 1) Enroll a Secure Socket Layer (SSL) certificate for AD FS.
(Box 2) Install the AD FS role service.
(Box 3, box 4) Optional step: Configure a federation server with Device Registration Service
(DRS).
Box 3: To enable Device Registration Service
On your federation server, open a Windows PowerShell command window and type:
Enable-AdfsDeviceRegistration
Repeat this step on each federation farm node in your AD FS farm..
Box 4: Update the Web Application Proxy configuration
The Device Registration Service will be available through the Web Application Proxy once it
is enabled on a federation server. You may need to complete this procedure to update the
Web Application Proxy configuration if it was deployed prior to enabling the Device
Registration Service.
* Workplace Join is made possible by the Device Registration Service (DRS) that is included
with the Active Directory Federation Role in Windows Server 2012 R2. When a device is
Workplace Joined, the DRS provisions a device object in Active Directory and sets a
certificate on the consumer device that is used to represent the device identity. The DRS is
meant to be both internal and external facing. Companies that deploy both DRS and the
Web Application Proxy will be able to Workplace Join devices from any internet connected
location.
Reference: Deploying a Federation Server Farm
1. Install a certificate obtained from a trusted third-party certification authority (CA).
2. Install and configure Active Directory Federation Services (AD FS).
3. Enable the Device Registration Service.
4. Install and configure a Web Application Proxy.
1. Install a certificate obtained from a trusted third-party certification authority (CA).
2. Install and configure Active Directory Federation Services (AD FS).
3. Enable the Device Registration Service.
4. Install and configure a Web Application Proxy.