ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MD-102 All Questions

View all questions & answers for the MD-102 exam
Go to Exam

Exam MD-102 topic 1 question 48 discussion

Actual exam question from Microsoft's MD-102
Question #: 48
Topic #: 1
[All MD-102 Questions]

HOTSPOT -
You have an Azure AD tenant named contoso.com that contains the devices shown in the following table.

Contoso.com contains the Azure AD groups shown in the following table.

You add a Windows Autopilot deployment profile. The profile is configured as shown in the following exhibit.

For each of the following statements, select Yes if the statement is true. Otherwise, select No.
NOTE: Each correct selection is worth one point.

Show Suggested Answer Hide Answer
Suggested Answer:
by krzysztofbr at Aug. 23, 2023, 1:33 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
Crismo
Highly Voted 1 year, 7 months ago
NNY seems correct to me. Since device 1 and 2 are not enrolled in Intune, the deployment profile will have no effect on them.
upvoted 22 times
airmancompsci
1 year, 6 months ago
However, they are all in Azure AD, which is the requirement to use Autopilot. Part of the Autopilot process is to enroll in Intune per Microsoft as well as join it to AD (so device1 will switch from registered to joined is my guess - if anyone can test this I am curious). Additionally, the big thing for Microsoft seems to be the hardware address. They don't seem to refer to device names at all, so I am guessing it shouldn't matter if they change? https://learn.microsoft.com/en-us/autopilot/user-driven My guess for the answer would be: Yes - Device1 is part of Group1. No - Device2 is part of Group2 which is nested in Group1. Autopilot doesn't work apply to nested groups. Yes - Device3 is part of Group1. I haven't been able to test this though, so if someone has a different answer please let me know.
upvoted 7 times
93831b0
7 months, 3 weeks ago
Device1 is registered = private in Entra (AAD).
upvoted 1 times
...
cpaljchc4
1 year, 5 months ago
Windows Autopilot depends on specific capabilities available in Windows client and Microsoft Entra ID. "It also requires an MDM service such as Microsoft Intune." Found this here: https://learn.microsoft.com/en-us/autopilot/licensing-requirements
upvoted 4 times
Drainev
1 year, 3 months ago
It surely requires an MDM service such as Microsoft Intune - To be set up! It doesn't mean that devices have to be enrolled in Intune at all. Since Autopilot enroll the device in Intune while the deployment, that would be weird for it not to work with unenrolled devices. Tried it on Lab and it worked properly. YNY!
upvoted 4 times
...
...
...
...
hieunm2411
Most Recent 2 months, 2 weeks ago
The correct answer is NNY. If the "Convert all targeted devices to Autopilot" option in the Autopilot profile is enabled, then: When a device is Azure AD Joined or Hybrid Azure AD Joined and managed by Intune, if it is not already in the Autopilot list (does not have a hardware hash), Intune will automatically collect the hardware hash and add the device to the Autopilot list. Device 1 is Azure AD Registered so if the device is only Azure AD Registered, Intune will not convert it to an Autopilot device, even if the option is enabled. Device 2 is Azure AD Joined, but it isn't managed by Intune.
upvoted 2 times
...
d3a3d8a
5 months, 3 weeks ago
Nested groups work within Intune, but Device 2 will still not be converted. the reason Device 2 won't work here is because a device needs to be enrolled with Intune in order for it's Hardware Hash to be extracted. Entra cannot do that on its own. The answers are correct.
upvoted 2 times
...
Huffancs00
7 months, 1 week ago
YNY: guys if you check YES on "Convert all targeted devices to Autopilot" then: "Select Yes to register all targeted devices to Autopilot if they are not already registered. The next time registered devices go through the Windows Out of Box Experience (OOBE), they will go through the assigned Autopilot scenario." so it does not matter whether the device is already registered in MDM or not, all the devices targeted by the deployment profile will start with the autopilot OOBE. It basically says "yo idc if the devices in this group are MDM enrolled, just let them go through the assigned Autopilot scenario"
upvoted 3 times
...
Bart_Hofstede
7 months, 3 weeks ago
You need an MDM. So it's no, no, yes
upvoted 3 times
...
MJFT
1 year ago
An existing device can automatically register if it's: Running a supported version of Windows Enrolled in an MDM service such as Intune A corporate device that isn't already registered with Autopilot https://learn.microsoft.com/en-us/autopilot/automatic-registration#windows-autopilot-for-existing-devices
upvoted 2 times
...
OyYaGotta
1 year, 1 month ago
This is a tricky question. Windows Autopilot deployment profiles are configured as part of Mobile Device Management (MDM) in Intune, therefore, for this question, Autopilot doesn't deploy to devices without a deployment profile. Answer is correct N,N,Y.
upvoted 3 times
...
Darkfire
1 year, 2 months ago
I also think its YNY https://learn.microsoft.com/en-us/autopilot/automatic-registration#windows-autopilot-for-existing-devices
upvoted 1 times
...
kaushik07
1 year, 2 months ago
Feature Azure AD Joined Azure AD Registered Full OOTB experience with Intune Autopilot Yes No Zero-touch deployment Yes Limited Microsoft Account sign-in Yes No (Requires domain join) Automatic company resource access Yes Requires additional steps Given answer stands true
upvoted 1 times
...
Merrybob
1 year, 2 months ago
YNY Using the setting Convert all targeted devices to Autopilot in the Autopilot profile doesn't automatically convert existing hybrid Microsoft Entra device in the assigned group(s) into a Microsoft Entra device. The setting only registers the devices in the assigned group(s) for the Autopilot service. Ref: https://learn.microsoft.com/en-us/autopilot/existing-devices Ref: https://learn.microsoft.com/en-us/autopilot/existing-devices#register-the-device-for-windows-autopilot
upvoted 1 times
...
mp34
1 year, 3 months ago
I think the question here is has the device details been uploaded by .csv file, that is the requirement for Autopilot to work... So, any device that is already in Intune will be deployed by Autopilot...any device that isn't, won't....
upvoted 4 times
mp34
1 year, 3 months ago
So then the given answer is correct....
upvoted 2 times
...
...
NoursBear
1 year, 3 months ago
OK this question is still annoying after t he 3rd visit. I believe the information which is missing is whether Intune is configured for "automatic enrollment" I think we probably have assume that yes. In this case the computers assigned the profile but have MDM to No in the info, would still get enrolled provided they are not personally owned
upvoted 1 times
...
tktk
1 year, 3 months ago
YNY!!!
upvoted 1 times
...
frack
1 year, 3 months ago
YNY as long as the device is Autopilot-registered / Corporate ready image (SN uploaded/registered to intune), it is possible to run Autopilot enrollment.
upvoted 1 times
AdamRachel
1 year, 3 months ago
device one it is not register in Intune.
upvoted 2 times
...
...
BJS78
1 year, 3 months ago
First and seconds devices are private devices quite likely, so we DON'T want them managed by Autopilot. Also suggested by MS: "Don't register to Autopilot the following types of devices: Microsoft Entra registered, also known as "workplace joined" Intune MDM-only enrollment These options are intended for users to join personally-owned devices to their organization's network." Based on this fine article - https://call4cloud.nl/2020/05/intune-auto-mdm-enrollment-for-devices-already-azure-ad-joined/ - it seems you MUST have MDM-coverage for the device to be able to use with Autopilot. (Not only Intune could be used)
upvoted 1 times
...
belyo
1 year, 3 months ago
one of the benefits of autopilot is to automatically join azure ad & automatically enroll to intune so here the status of registered/joined/enrolled makes totally no sense really not sure does it support nesting in assignments so i vote Y N Y
upvoted 1 times
...
mhmyz
1 year, 3 months ago
YNY Device1 & Device3 are part of Group1. "Convert all targeted devices to Autopilot"=Yes,so current device status is not concerned. https://learn.microsoft.com/en-us/autopilot/automatic-registration#windows-autopilot-for-existing-devices
upvoted 3 times
ckmay
1 year, 2 months ago
Device 1 is in group 1 but.... it is only entra registered (workplace joined), and not entra joined. devices that are entra registered are marked as personally owned and if automatic enrollment to intune is turned on, it will not enroll personally owned devices into intune, only corporate. I can't find it now but I'm pretty sure a self-deploying enrollment profiles will not apply to personally owned devices. Honestly our speculation is basically worthless without knowing whether or not these devices even have had their HWID hashes uploaded to Intune and are registered for autopilot. If they are not Autopilot registered, then the answer is NNN. Otherwise, I am going with NYY.
upvoted 2 times
ckmay
1 year, 2 months ago
For device 2, I can find NO evidence that being in a nested group would prevent it from being targeted. I have actually read some articles from microsoft employees that actually said the opposite. The article was about optimizing intune performance by not making tons of different groups when 1 or a few would achieve the same thing and require less reprocessing for Intune. This was in reference to groups with 10,000 plus devices. A better practice that was suggested was to create an empty group and over the period of 3 days add 3 different groups in the empty group that each had 30k+ devices. this was to spread the workload out and they had 0 concern for devices not getting targeted because of the nesting.
upvoted 1 times
ckmay
1 year, 2 months ago
Nesting: I see no mention of autopilot or device profiles behind not supported for group nesting. I found the following listed limitations. (https://learn.microsoft.com/en-us/entra/fundamentals/how-to-manage-groups#add-or-remove-a-group-from-another-group) "We currently don't support: Adding groups to a group synced with on-premises Active Directory. Adding security groups to Microsoft 365 groups. Adding Microsoft 365 groups to security groups or other Microsoft 365 groups. Assigned membership to shared resources and apps for nested security groups. Applying licenses to nested security groups. Adding distribution groups in nesting scenarios. Adding security groups as members of mail-enabled security groups. Adding groups as members of a role-assignable group."
upvoted 1 times
...
...
...
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago