Enable Single Sign-On for Azure AD and AD DS Domain | Microsoft AZ-304 Exam Solution

Enable Single Sign-On for Company Users

Question

Note: This question is part of a series of questions that present the same scenario. Each question in the series contains a unique solution that might meet the stated goals. Some question sets might have more than one correct solution, while others might not have a correct solution.

After you answer a question in this section, you will NOT be able to return to it. As a result, these questions will not appear in the review screen.

Your company has an on-premises Active Directory Domain Services (AD DS) domain and an established Azure Active Directory (Azure AD) environment.

Your company would like users to be automatically signed in to cloud apps when they are on their corporate desktops that are connected to the corporate network.

You need to enable single sign-on (SSO) for company users.

Solution: Install and configure an Azure AD Connect server to use password hash synchronization and select the 'Enable single sign-on' option.

Does the solution meet the goal?

Answers

Explanations

A. B.

A

Azure Active Directory Seamless Single Sign-On (Azure AD Seamless SSO) automatically signs users in when they are on their corporate devices connected to your corporate network. When enabled, users don't need to type in their passwords to sign in to Azure AD and usually don't even need to type in their usernames. This feature provides your users easy access to your cloud-based applications without needing any additional on-premises components.

Seamless SSO can be combined with either the Password Hash Synchronization or Pass-through Authentication sign-in methods.

https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-sso

The proposed solution, which is to install and configure an Azure AD Connect server to use password hash synchronization and select the "Enable single sign-on" option, does meet the goal of enabling single sign-on (SSO) for company users on their corporate desktops connected to the corporate network.

Here's why:

Azure AD Connect is a tool that integrates an on-premises Active Directory environment with Azure Active Directory (Azure AD) to provide a unified identity management solution. Password hash synchronization is a feature of Azure AD Connect that synchronizes hashes of on-premises user passwords to Azure AD, allowing users to use the same password to sign in to both on-premises and cloud-based applications.

Enabling single sign-on (SSO) for company users means that they will be able to seamlessly access cloud-based applications without having to enter their credentials multiple times. SSO accomplishes this by authenticating users once and then providing them with seamless access to all applications that they are authorized to use.

By installing and configuring an Azure AD Connect server with password hash synchronization and selecting the "Enable single sign-on" option, hashes of the on-premises user passwords will be synchronized to Azure AD, and the users will be able to use the same password to sign in to both on-premises and cloud-based applications. Additionally, with SSO enabled, users will be able to access cloud-based applications on their corporate desktops connected to the corporate network without having to enter their credentials multiple times.

Therefore, the proposed solution does meet the goal of enabling SSO for company users on their corporate desktops connected to the corporate network, and the correct answer is A. Yes.