Cyber Monday 2024! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions

Microsoft Exam AZ-104 Topic 4 Question 33 Discussion

Actual exam question for Microsoft's AZ-104 exam
Question #: 33
Topic #: 4
[All AZ-104 Questions]

You configure Azure AD Connect for Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) for an on-premises network. Users report that when they attempt to access myapps.microsoft.com, they are prompted multiple times to sign in and are forced to use an account name that ends with onmicrosoft.com.

You discover that there is a UPN mismatch between Azure AD and the on-premises Active Directory. You need to ensure that the users can use single-sign on (SSO) to access Azure resources.

What should you do first?

Show Suggested Answer Hide Answer
Suggested Answer: B

Azure AD Connect lists the UPN suffixes that are defined for the domains and tries to match them with a

custom domain in Azure AD. Then it helps you with the appropriate action that needs to be taken. The Azure

AD sign-in page lists the UPN suffixes that are defined for on-premises Active Directory and displays the

corresponding status against each suffix. The status values can be one of the following:

State: Verified

Azure AD Connect found a matching verified domain in Azure AD. All users for this domain can sign in by

using their on-premises credentials.

State: Not verified

Azure AD Connect found a matching custom domain in Azure AD, but it isn't verified. The UPN suffix of the

users of this domain will be changed to the default .onmicrosoft.com suffix after synchronization if the

domain isn't verified.

Action Required: Verify the custom domain in Azure AD.

References: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-user-signin


Contribute your Thoughts:

Currently there are no comments in this discussion, be the first to comment!


Save Cancel