Prepare On-Premise AD for DirSync – Lesson 4.1

References

There are two methods that can be used to leverage on-premises user and group accounts in your Active Directory environment. You can use either DirSync or the Azure AD connector. When planning to leverage on-premises user and group accounts, you need to decide on the method that will work in your environment. In which situations would the Azure AD connector be required? Choose the best option(s) from those listed below.

A: For single-forest synchronization to Windows Azure AD without FIM

B: For single-forest synchronization to Windows Azure AD with FIM

C: For synchronization between a non-Active Directory source to Windows Azure AD

D: For multi-forest synchronization to Windows Azure AD

 

Explanation: The Windows Azure connector should be used when you plan to synchronize multi-forest Active Directory to Windows Azure AD or to synchronize between a non-Active Directory source to Windows Azure AD. Using the Azure AD Connector for multi-forest synchronization allows for Office 365 hybrid deployments.

 

Correct Option(s):

  • C: For synchronization between a non-Active Directory source to Windows Azure AD
  • D: For multi-forest synchronization to Windows Azure AD

 

Incorrect Option(s):

  • A: For single-forest synchronization to Windows Azure AD without FIM – To perform single-forest synchronization to Windows Azure AD without FIM, you would use DirSync. DirSync is used for all single forest synchronization. The Azure AD connector is not used for single-forest synchronization to Windows Azure AD without FIM.
  • B: For single-forest synchronization to Windows Azure AD with FIM – To perform single-forest synchronization to Windows Azure AD with FIM, you would use DirSync. DirSync is used for all single forest synchronization. The Azure AD connector is not used for single-forest synchronization to Windows Azure AD with FIM.

When using directory synchronization, it is possible to use filters to allow you to select the objects that are synchronized to the cloud. Some of the objects you can filter are organizational-unit (OUs), domains, and user attributes. When applying a new filter, the directory synchronization process will delete any objects that match the filter from the cloud. If a filter was applied by error and you want to add the deleted objects back to the cloud, what should you do? Choose the best option(s) from those listed below.

A: Re-sync the directories.

B: Remove the filter configurations and re-sync the directories.

C: Recreate the deleted objects in Active Directory and re-sync the directories.

D: Stop directory synchronization.

 

Explanation: When configuring filters after directory synchronization is already running, any object in the cloud that relates to the filter is deleted. This means if a filter is applied to an object by error and you need to have the objects back in the cloud, you must remove the filter and then re-sync the directories with directory synchronization.

 

Correct Option(s): B: Remove the filter configurations and re-sync the directories.

 

Incorrect Option(s):

  • A: Re-sync the directories. – If the filter is still applied, re-syncing will not add the deleted objects back to the cloud. The filter must be removed first.
  • C: Recreate the deleted objects in Active Directory and re-sync the directories. – It is not necessary to recreate the deleted objects in Active Directory (AD) as those objects are still in AD.
  • D: Stop directory synchronization. – Stopping directory synchronization will not add those deleted objects back to the cloud. Stopping directory synchronization will prevent synchronization from occurring.

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s