Note: This question is part of a seri
es of questions that present the same scenario. Each question in the series contains a unique solution. Determine whether the solution meets the stated goals.
You have an on-premises Active Directory forest.
You deploy Active Directory Federation
Services (AD FS) and purchase an Office 365 subscription.
You need to create a trust between the AD FS servers and the Office 365 subscription.
Solution: You run the
Convert-MsolDomainToFederated
cmdlet.
Does this meet the goal?
A. Yes
B. No
Explanation:
Each domain that you want to federate must either be added as a single sign-on domain or converted to be a single sign-on domain from a standard domain. Adding or converting a domain sets up a trust between AD FS and Microsoft Azure Active Di
rectory (Microsoft Azure AD).
The Convert-MSOLDomainToFederated cmdlet converts the specified domain from standard authentication to single sign-on (also known as identity federation), including configuring the relying party trust settings between the Act
ive Directory Federation Services (AD FS) server as part of converting a domain from standard authentication to single sign-on, each user must also be converted. This conversion happens automatically the next time a user signs in; no action is required by
the administrator.
References:
https://msdn.microsoft.com/en-us/library/azure/dn194092(v=azure.98).aspx
https://msdn.microsoft.com/en-us/library/azure/jj205461.aspx