Which two actions should you perform?

Posted by: Pdfprep Category: 70-346 Tags: , ,

Contoso Ltd. uses Office 365 for collaboration. You are implementing Active Directory Federation Services (AD FS) for single sign-on (SSO) with Office 365 services. The environment contains an Active Directory domain and an AD FS federation server.

You need to ensure that the environment is prepared for the AD FS setup.

Which two actions should you perform? Each correct answer presents part of the solution.
A . Configure Active Directory to use the domain contoso.com.
B . Configure Active Directory to use the domain contoso.local.
C . Create a server authentication certificate for the federation server by using fs.contoso.com as the subject name and subject alternative name.
D . Create a server authentication certificate for the federation server by using fs.contoso.local as the subject name and subject alternative name.

Answer: A,C

Explanation:

A: The domain we want to federate must be registered as a public internet domain with a domain registrar or within our own public DNS servers. We cannot use contoso.local as it is not routable outside of the intranet.

C: The Subject Name of the SSL certificate must match the names used in the AD FS configuration. The default sub-domain for AD FS is fs. As we use contoso.com as the domain, we are probably using fs,contoso.com as the AD FS name and we must also use it in the subject name for the certificate.

Leave a Reply

Your email address will not be published.