PrepAway - Latest Free Exam Questions & Answers

You need to ensure that all users from the Internet are pre-authenticated before they can access App1

DRAG DROP
Your network contains an Active Directory domain named contoso.com. The domain contains two
servers named Server1 and Server3. The network contains a standalone server named Server2. All
servers run Windows Server 2012 R2. The servers are configured as shown in the following table.

Server3 hosts an application named App1. App1 is accessible internally by using the URL
https://app1.contoso.com. App1 only supports Integrated Windows authentication.
You need to ensure that all users from the Internet are pre-authenticated before they can access
App1.
What should you do? To answer, drag the appropriate servers to the correct actions. Each server
may be used once, more than once, or not at all. You may need to drag the split bar between panes
or scroll to view content.

PrepAway - Latest Free Exam Questions & Answers

Answer:

Explanation:
Web application proxy Active Directory Federation Services relaying party trust
Note:
Box 1: add a new relying party trust by using the AD FS Management snap-in and manually configure
the settings on a federation server.
Box 2: When publishing applications that use Integrated Windows authentication, the Web
Application Proxy server uses Kerberos constrained delegation to authenticate users to the
published application.
Box 3-4: To publish a claims-based application
On the Web Application Proxy server, in the Remote Access Management console, in
theNavigationpane, clickWeb Application Proxy, and then in theTaskspane, clickPublish.
On thePublish New Application Wizard, on theWelcomepage, clickNext.

On thePreauthenticationpage, clickActive Directory Federation Services (AD FS), and then clickNext.
On theRelying Partypage, in the list of relying parties select the relying party for the application that
you want to publish, and then clickNext.
On thePublishing Settingspage, do the following, and then clickNext:
In theNamebox, enter a friendly name for the application.
This name is used only in the list of published applications in the Remote Access Management
console.
In theExternal URLbox, enter the external URL for this application; for example,
https://sp.contoso.com/app1/.
In theExternal certificatelist, select a certificate whose subject covers the external URL.
In theBackend server URLbox, enter the URL of the backend server. Note that this value is
automatically entered when you enter the external URL and you should change it only if the backend
server URL is different; for example, http://sp/app1/.


Leave a Reply