PdfPrep.com

What should you create?

Your network contains two Active Directory forests. Each forest contains two domains. All client computers run Windows 10 and are domain-joined.

You plan to configure Hybrid Azure AD join for the computers.

You create Microsoft Azure Active Directory (Azure AD) tenant.

You need to ensure that the computers can discover the Azure AD tenant.

What should you create?
A . a new computer account for each computer
B . a new service connection point (SCP) for each domain
C . a new trust relationship for each forest
D . a new service connection point (SCP) for each forest

Answer: D

Explanation:

Your devices use a service connection point (SCP) object during the registration to discover Azure AD tenant information. In your on-premises Active Directory instance, the SCP object for the hybrid Azure AD joined devices must exist in the configuration naming context partition of the computer’s forest. There is only one configuration naming context per forest. In a multi-forest Active Directory configuration, the service connection point must exist in all forests that contain domain-joined computers.

Reference: https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-manual

Exit mobile version