DRAG DROP
Yournetwork contains an Active Directory domain named contoso.com.
You need to ensure that third-party devices can use Workplace Join to access domain resources on
the Internet.
Which four actions should you perform in sequence?
To answer, move the appropriate four actions from the list of actions to the answer area and
arrange them in the correct order.
Answer: See the explanation
Explanation:
<map><m x1=”6″ x2=”397″ y1=”50″ y2=”94″ ss=”0″ a=”0″ /><m x1=”7″ x2=”397″ y1=”104″
y2=”145″ ss=”0″ a=”0″ /><m x1=”5″ x2=”397″ y1=”157″ y2=”195″ ss=”0″ a=”0″ /><m x1=”5″
x2=”397″ y1=”204″ y2=”264″ ss=”0″ a=”0″ /><m x1=”6″ x2=”396″ y1=”274″ y2=”328″ ss=”0″ a=”0″
/><m x1=”7″ x2=”394″ y1=”342″ y2=”381″ ss=”0″ a=”0″ /><m x1=”413″ x2=”805″ y1=”44″ y2=”103″
ss=”1″ a=”0″ /><m x1=”415″ x2=”806″ y1=”116″ y2=”179″ ss=”1″ a=”0″ /><m x1=”416″ x2=”808″
y1=”188″ y2=”258″ ss=”1″ a=”0″ /><m x1=”419″ x2=”809″ y1=”268″ y2=”340″ ss=”1″ a=”0″ /><c
start=”3″ stop=”0″ /><c start=”4″ stop=”1″ /><c start=”2″ stop=”2″ /><c start=”5″ stop=”3″
/></map>
Box 1:
Box 2:
Box 3:
Box 4:
Note:
* Checklist: Deploying a Federation Server Farm include:
(Box 1) Enroll a Secure Socket Layer (SSL) certificate for AD FS.
(Box 2) Install the AD FS role service.
(Box 3, box 4) Optional step: Configure a federation server with Device Registration Service (DRS).
Box 3: To enable Device Registration Service.
On your federation server, open a Windows PowerShell command window and type:
Enable-AdfsDeviceRegistration
Repeat this step on each federation farm node in your AD FS farm..
Box 4: Update the Web Application Proxy configuration
The Device Registration Service will be available through the Web Application Proxy once it is
enabled on a federation server. You may need to complete this procedure to update the Web
Application Proxy configuration if it was deployed prior to enabling the Device Registration Service.
* Workplace Join is made possible by the Device Registration Service (DRS) that is included with the
Active Directory Federation Role in Windows Server 2012 R2. When a device is Workplace Joined,
the DRS provisions a device object in Active Directory and sets a certificate on the consumer device
that is used to represent the device identity. The DRS is meant to be both internal and external
facing. Companies that deploy both DRS and the Web Application Proxy will be able to Workplace
Join devices from any internet connected location.
Deploying a Federation Server Farm.
Deploying a Federation Server Farm: https://technet.microsoft.com/en-us/library/dn486775%28v=ws.11%29.aspx
Enable Device Registration and configure Web Application Proxy: https://technet.microsoft.com/en-us/library/dn486831%28v=ws.11%29.aspx
0
0
https://technet.microsoft.com/en-us/library/dn486775(v=ws.11).aspx
From the link above it is a bit hard to extract the exact answer but i think it is close enough, means that the given answer is right.
2
0
Saw this on test.
0
0
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/set-up-the-lab-environment-for-ad-fs-in-windows-server-2012-r2
after domain controller setup with creating a GMSA:
– Install a server SSL certificate with ADFS certificate names:
— Subject Name (cn): adfs1.contoso.com
— Subject Alternative Name (dns): adfs1.contoso.com
— Subject Alternative Name (dns): enterpriseregistration.contoso.com
– Install AD FS server role
– Configure the Federation Server using the SSL certificate
– Configure Device Registration
— Initialize-ADDeviceRegistration
— Enable-AdfsDeviceRegistration
– Install and Configure Web Server/Proxy
Posted answer is correct
2
0