Exam
Answer confirmed
Question
Your network contains an on-premises Active Directory Domain Services (AD DS) domain and a Microsoft Entra tenant.
You need to configure synchronization between the AD DS domain and the Microsoft Entra tenant.
What should you do?
Proposed answer
- Deploy Microsoft Entra Connect to a server on the on-premises network.
- Enable Microsoft Entra Domain Services
- Install the AD DS role on an Azure virtual machine
- Setting up an S2S VPN
Suggested answer
- Deploy Microsoft Entra Connect to a server on the on-premises network.
Correct answer
- Correct - Microsoft Entra Connect is the tool that provides synchronization between on-premises AD DS and Microsoft Entra. Deploying Microsoft Entra Connect to a server on the on-premises network is the correct solution.
- Incorrect - Enabling Microsoft Entra Domain Services for the Microsoft Entra tenant provides managed domain services, such as domain join, Group Policy, LDAP, and Kerberos/NTLM authentication. It does not directly sync an on-premises AD DS with a Microsoft Entra tenant.
- Incorrect - Installing the AD DS role on an Azure virtual machine creates an instance of AD DS in the cloud, but it does not configure synchronization with an on-premises AD DS domain.
- Incorrect - Setting up an S2S VPN between the on-premises network and the Azure network can enable hybrid scenarios where resources can be accessed from both networks. However, it is not the way to configure synchronization between AD DS and Microsoft Entra tenant.
What is Azure AD Connect cloud sync? - Microsoft Entra | Microsoft Learn