Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-104 Exam - Topic 4 Question 33 Discussion

Actual exam question for Microsoft's AZ-104 exam
Question #: 33
Topic #: 4
[All AZ-104 Questions]

You configure Azure AD Connect for Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) for an on-premises network. Users report that when they attempt to access myapps.microsoft.com, they are prompted multiple times to sign in and are forced to use an account name that ends with onmicrosoft.com.

You discover that there is a UPN mismatch between Azure AD and the on-premises Active Directory. You need to ensure that the users can use single-sign on (SSO) to access Azure resources.

What should you do first?

Show Suggested Answer Hide Answer
Suggested Answer: B

Azure AD Connect lists the UPN suffixes that are defined for the domains and tries to match them with a

custom domain in Azure AD. Then it helps you with the appropriate action that needs to be taken. The Azure

AD sign-in page lists the UPN suffixes that are defined for on-premises Active Directory and displays the

corresponding status against each suffix. The status values can be one of the following:

State: Verified

Azure AD Connect found a matching verified domain in Azure AD. All users for this domain can sign in by

using their on-premises credentials.

State: Not verified

Azure AD Connect found a matching custom domain in Azure AD, but it isn't verified. The UPN suffix of the

users of this domain will be changed to the default .onmicrosoft.com suffix after synchronization if the

domain isn't verified.

Action Required: Verify the custom domain in Azure AD.

References: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/plan-connect-user-signin


by Josephine at May 09, 2022, 06:15 PM

Limited Time Offer

25%

Off

Get Premium AZ-104 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Tabetha
5 months ago
Modifying filtering options could help, but is it the first step?
upvoted 0 times
...
Jules
5 months ago
Wait, why would they need onmicrosoft.com accounts? That seems odd.
upvoted 0 times
...
Charisse
5 months ago
I think deploying AD FS might complicate things more.
upvoted 0 times
...
Carey
5 months ago
Definitely need to verify that custom domain name first!
upvoted 0 times
...
Krystal
6 months ago
Sounds like a classic UPN mismatch issue.
upvoted 0 times
...
Nancey
6 months ago
If I recall correctly, verifying a custom domain name could resolve the UPN mismatch, but I’m not 100% sure if that’s the immediate action needed.
upvoted 0 times
...
Regenia
6 months ago
I'm not entirely sure, but I feel like deploying AD FS could be a solution, though it seems a bit complex for this scenario.
upvoted 0 times
...
Pamella
6 months ago
I remember we talked about UPN mismatches in class, and I think adding a custom domain name might help with the sign-in issues.
upvoted 0 times
...
Santos
6 months ago
I think we had a practice question about modifying filtering options in Azure AD Connect. That might be relevant here, but I’m not confident it’s the first step.
upvoted 0 times
...
Malcolm
6 months ago
This seems like a straightforward question. I'll need to carefully consider the requirements of a "lightweight app" to gather data and analyze threats on a mobile device.
upvoted 0 times
...
Hannah
6 months ago
This case seems similar to one we practiced where the burden of tax expenses affects what can be redeemed. I feel like $225,000 could be significant in this context.
upvoted 0 times
...
Ona
6 months ago
I remember a similar question about financial profiles, and it seemed like FY13 might have been the strongest based on trends.
upvoted 0 times
...

Save Cancel