Implementing Azure AD Seamless Single Sign-On for Windows 10 Computers | SC-300 Exam Preparation

Configure Windows 10 Computers for Azure AD Seamless SSO

Next Question

Question

Your network contains an on-premises Active Directory domain that syncs to an Azure Active Directory (Azure AD) tenant.

Users sign in to computers that run Windows 10 and are joined to the domain.

You plan to implement Azure AD Seamless Single Sign-On (Azure AD Seamless SSO)

You need to configure the Windows 10 computers to support Azure AD Seamless SSO.

What should you do?

Answers

A. Configure Sign-in options from the Settings app.

B. Enable Enterprise State Roaming.

C. Modify the Intranet Zone settings.

D. Install the Azure AD Connect Authentication Agent.

Show Answer

Explanations

Click on the arrows to vote for the correct answer

A. B. C. D.

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso-quick-start

To configure Windows 10 computers to support Azure AD Seamless Single Sign-On (Azure AD Seamless SSO), you need to follow the steps given below:

Verify Prerequisites: Before configuring Azure AD Seamless SSO, ensure that you have the following prerequisites:
- An Azure AD subscription
- A synchronized on-premises Active Directory domain with Azure AD using Azure AD Connect
- Windows 10 version 1607 or later
Configure Azure AD Connect:
- Open the Azure AD Connect configuration wizard.
- Select the 'User sign-in' option and click on 'Configure'.
- Select 'Pass-through authentication' and 'Azure AD Seamless SSO' options.
- Provide the credentials of an account that has the necessary permissions to configure Azure AD Seamless SSO.
Configure Group Policy: Once the Azure AD Connect configuration is complete, you need to configure Group Policy to enable Azure AD Seamless SSO on Windows 10 computers. To do this, follow the steps below:
- Open the Group Policy Management Console.
- Create a new Group Policy Object (GPO) or select an existing one.
- Navigate to Computer Configuration -> Policies -> Administrative Templates -> System -> Logon.
- Enable the 'Use my sign-in info to automatically finish setting up my device and reopen my apps after an update or restart' policy.
Verify the Configuration: To verify that Azure AD Seamless SSO is working on Windows 10 computers, follow these steps:
- Ensure that the Group Policy settings are applied to the Windows 10 computers.
- Sign in to a Windows 10 computer using a domain user account.
- Access a cloud resource, such as Office 365, from a web browser.
- You should be automatically signed in without being prompted for credentials.

Answer A, configuring sign-in options from the Settings app, is not correct because this option is used to manage user accounts and sign-in options on a local computer, not for configuring Azure AD Seamless SSO.

Answer B, enabling Enterprise State Roaming, is not correct because it is used to roam user settings and app data across devices, not for configuring Azure AD Seamless SSO.

Answer C, modifying the Intranet Zone settings, is not correct because it is used to configure security settings for local intranet sites, not for configuring Azure AD Seamless SSO.

Answer D, installing the Azure AD Connect Authentication Agent, is also not correct because it is used to enable password hash synchronization for user sign-in, not for configuring Azure AD Seamless SSO.

Next Question