You administer an Active Directory Domain Services forest that includes an Active Directory Federation Services (AD FS) server and Azure Active Directory.
The fully qualified domain name of the AD FS server is adfs.contoso.com.
Your must implement single sign-on (SSO) for a cloud application that is hosted in Azure.
All domain users must be able to use SSO to access the application.
You need to configure SSO for the application.
Which two actions should you perform? Each correct answer presents part of the solution.
A.
Use the Azure Active Directory Synchronization tool to configure user synchronization.
B.
Use the AD FS Configuration wizard to specify the domain and administrator for the Azure Active Directory service.
C.
Create a trust between AD FS and Azure Active Directory.
D.
In the Azure management portal, activate directory synchronization.
Explanation:
Need to Check.
Use the Azure Active Directory Synchronization tool to configure user synchronization
Use the AD FS Configuration wizard to specify the domain and administrator for the
Azure Active Directory service
You can employ both AD FS and Azure AD for use with single-sign on for Azure Cloud-Based Applications. To do so:
1. Synchronize AD FS users with Azure AD (dirsync).
2. Create a trust between AD FS and Azure AD.
After this you can go through more advanced steps to configure advanced authentication settings, device registraion and conditional access.
I believe these answers to be correct.
A & C, that is
Step 1: In the Azure management portal, activate directory synchronization by clicking on ACTIVATED button at DIRECTORY SYNC option
Step 2: Install AAD Connect to configure AD synchronisation
Possible Solution: D and A