How should you complete the relevant Windows PowerShell commands?

HOTSPOT
Contoso Ltd has an Office 365 Tenant. The company plans to implement single sign-on (SSO). You install
Active Directory Federation Services.
You need to enable the use of SSO.
How should you complete the relevant Windows PowerShell commands? To answer select the appropriate Windows PowerShell segment from each list in the answer area.

HOTSPOT
Contoso Ltd has an Office 365 Tenant. The company plans to implement single sign-on (SSO). You install
Active Directory Federation Services.
You need to enable the use of SSO.
How should you complete the relevant Windows PowerShell commands? To answer select the appropriate Windows PowerShell segment from each list in the answer area.

Answer:

Show Hint

Leave a Reply 5

Your email address will not be published. Required fields are marked *

Niraj

Niraj

Wrong credentials. Office 365 credentials should be supplied.

Reply

Mr.PowerSHell

Mr.PowerSHell

I think that the question is wrong, it should be: u need to disable sso. THis is cause of the ps command: convert-msoldomaintostandard -domainname contoso.com -skipuserconversion $false -passwordfile c:\password.txt

We can only use this: -domainname contoso.com -skipuserconversion $false -passwordfile… with convert-msoldomainstandard

Reply

Bob

Bob

Answer is correct, the account must have local AD permissions to write to the Windows Internal DB so Enterprise Admin would work, default Office 365 admin would not have Write permissions on the server.
Then you want to convert to Federated and use the password file to set passwords for the cloud accounts. After this is configured, you can set up AAD Connect and sync the local passwords to 365.
https://blogs.technet.microsoft.com/canitpro/2015/09/11/step-by-step-setting-up-ad-fs-and-enabling-single-sign-on-to-office-365/

Reply

Hiya

Hiya

Bob I think the problem is how the question is phrased.

$credential = Get-Credential
Connect-MsolService -credential $credential is ALWAYS followed by entering your Office 365 admin credentials. This is why the default Office 365 admin is correct in this scenario.

The next step when enabling SSL is connecting the PowerShell session to AD FS 2.0. This connection must be made to the FQDN of the primary federation server which holds the writable Windows Internal Database copy. It is here you use the following command:

Set-MsolAdfscontext -Computer . Here is the step where you enter your AD credentials.

Your thinking is correct. The problem is how poorly the question is phrased..

Reply