Your network contains an Active Directory domain named contoso.com. The domain contains servers named
Server1 and Server2 that run Windows Server 2012 R2. Server1 has the Active Directory Federation Services
server role installed.Server2 is a file server.
Your company introduces a Bring Your Own Device (BYOD) policy.
You need to ensure that users can use a personal device to access domain resources by using Single Sign-On
(SSO) while they are connected to the internal network.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
A.
Enable the Device Registration Service in Active Directory.
B.
Publish the Device Registration Service by using a Web Application Proxy.
C.
Configure Active Directory Federation Services (AD FS) for the Device Registration Service.
D.
Install the Work Folders role service on Server2.
E.
Create and configure a sync share on Server2.
Explanation:
*Prepare your Active Directory forest to support devices
This is a one-time operation that you must run to prepare your Active Directory forest to support devices.
To prepare the Active Directory forest
On your federation server, open a Windows PowerShell command window and type:
Initialize-ADDeviceRegistration
*Enable Device Registration Service on a federation server farm node
To enable Device Registration Service
1.On your federation server, open a Windows PowerShell command window and type:
Enable-AdfsDeviceRegistration
2.Repeat this step on each federation farm node in your AD FS farm.