Deal of The Day! Hurry Up, Grab the Special Discount - Save 25% - Ends In 00:00:00 Coupon code: SAVE25
Welcome to Pass4Success

- Free Preparation Discussions
Mail Us support@pass4success.com
Location US
Mob_nav_barsMENU

Microsoft AZ-800 Exam - Topic 4 Question 12 Discussion

You have an on premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant.You plan to implement self-service password reset (SSPR) in Azure AD.You need to ensure that users that reset their passwords by using SSPR can use the new password resources in the AD DS domain.What should you do?
B) Run the Microsoft Azure Active Directory Connect wizard and select Password writeback.
A) Deploy the Azure AD Password Protection proxy service to the on premises network.
C) Grant the Change password permission for the domain to the Azure AD Connect service account.
D) Grant the impersonate a client after authentication user right to the Azure AD Connect service account.

Microsoft AZ-800 Exam - Topic 4 Question 12 Discussion

Actual exam question for Microsoft's AZ-800 exam
Question #: 12
Topic #: 4
[All AZ-800 Questions]

You have an on premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant.

You plan to implement self-service password reset (SSPR) in Azure AD.

You need to ensure that users that reset their passwords by using SSPR can use the new password resources in the AD DS domain.

What should you do?

Show Suggested Answer Hide Answer
Suggested Answer: B

https://docs.microsoft.com/en-us/azure/active-directory/authentication/tutorial-enable-sspr-writeback

by Lavera at Jun 28, 2022, 10:37 PM

Limited Time Offer

25%

Off

Get Premium AZ-800 Questions as Interactive Web-Based Practice Test or PDF

Contribute your Thoughts:

0/2000 characters
Submit Cancel
Raelene
7 months ago
Not sure if this will work as expected, sounds too simple.
upvoted 0 times
...
Enola
7 months ago
C might be needed too, but B is crucial for SSPR.
upvoted 0 times
...
Crista
7 months ago
Wait, I thought A was necessary for password protection?
upvoted 0 times
...
Isadora
8 months ago
I agree, B makes the most sense here.
upvoted 0 times
...
Lavonne
8 months ago
B is definitely the way to go for password writeback!
upvoted 0 times
...
Jacquelyne
8 months ago
I practiced a similar question where we had to set permissions for the Azure AD Connect service account, but I can't recall if it was about changing passwords or something else.
upvoted 0 times
...
Mozell
8 months ago
I think deploying the Azure AD Password Protection proxy service is more about enforcing password policies, not necessarily about SSPR functionality.
upvoted 0 times
...
Ricki
8 months ago
I remember something about password writeback being essential for SSPR to work with AD DS, but I'm not entirely sure if that's the only step needed.
upvoted 0 times
...
Anglea
8 months ago
I feel like granting the impersonate user right could be important, but I’m leaning towards option B since it directly mentions password writeback.
upvoted 0 times
...
Valentin
8 months ago
I feel pretty confident about this. The options cover the main points I'd expect to see, so I should be able to identify the two true statements.
upvoted 0 times
...
Shelia
8 months ago
Hmm, this one seems straightforward. I think the Account entity would be the best place to store the customer's Twitter profile details.
upvoted 0 times
...
Ming
8 months ago
I'm pretty confident about this one. SCIM is definitely used for provisioning and managing identity data, so I'll go with "Yes" on this.
upvoted 0 times
...
Bette
8 months ago
I'm not sure about the 'initializing' state either. It feels like it could be a valid reason for the primary node not working.
upvoted 0 times
...

Save Cancel