Manage Server1 and Server2 with Azure Arc: Step-by-Step Guide | Exam AZ-800
Question
You have an on premises Active Directory Domain Services (AD DS) domain that syncs with an Azure Active Directory (Azure AD) tenant. The domain contains two servers named Server1 and Server2.
A user named Admin1 is a member of the local Administrators group on Server1 and Server2.
You plan to manage Server1 and Server2 by using Azure Arc. Azure Arc objects will be added to a resource group named RG1.
You need to ensure that Admin1 can configure Server1 and Server2 to be managed by using Azure Arc.
What should you do first?
Answers
Explanations
Click on the arrows to vote for the correct answer
A. B. C. D.B
https://docs.microsoft.com/en-us/azure/azure-arc/servers/onboard-service-principalTo allow Admin1 to configure Server1 and Server2 to be managed by using Azure Arc, you need to ensure that Admin1 has the required permissions to perform the task. Azure Arc is a hybrid management solution that extends Azure management capabilities to on-premises, multi-cloud, and edge environments. To manage on-premises servers, Azure Arc requires an Azure Connected Machine agent to be installed on the servers.
Here are the detailed explanations for each option:
Option A: From the Azure portal, generate a new onboarding script. This option is not the first thing you should do because it does not address the issue of granting the required permissions to Admin1. Onboarding scripts are used to install the Azure Connected Machine agent on servers and register them with Azure Arc. This option can be considered after granting the required permissions to Admin1.
Option B: Assign Admin1 the Azure Connected Machine Onboarding role for RG1. This option is the correct answer because it grants Admin1 the required permissions to configure Server1 and Server2 to be managed by using Azure Arc. The Azure Connected Machine Onboarding role allows the user to onboard and manage Azure Arc-enabled servers in a specific resource group. By assigning this role to Admin1 for RG1, the user will be able to onboard Server1 and Server2 to Azure Arc and manage them.
Option C: Hybrid Azure AD join Server1 and Server2. This option is not the first thing you should do because it does not address the issue of granting the required permissions to Admin1. Hybrid Azure AD join allows on-premises devices to join Azure AD and be managed from the cloud. However, it is not a requirement for managing on-premises servers with Azure Arc. Onboarding the servers with Azure Arc is sufficient.
Option D: Create an Azure cloud-only account for Admin1. This option is not the first thing you should do because it does not address the issue of granting the required permissions to Admin1. Creating an Azure cloud-only account is not a requirement for managing on-premises servers with Azure Arc. The user needs to have the Azure Connected Machine Onboarding role to onboard and manage servers with Azure Arc.
