ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-100 All Questions

View all questions & answers for the MS-100 exam
Go to Exam

Exam MS-100 topic 3 question 26 discussion

Actual exam question from Microsoft's MS-100
Question #: 26
Topic #: 3
[All MS-100 Questions]

HOTSPOT -
You have an Active Directory domain named Adatum.com that is synchronized to Azure Active Directory as shown in the exhibit.

Use the drop-down menus to select the answer choice that completes each statement based on the information presented in the graphic.
NOTE: Each correct selection is worth one point.
Hot Area:

Show Suggested Answer Hide Answer
Suggested Answer:
Group Writeback is enabled in the Azure AD Connect configuration so groups created in Azure Active Directory will be synchronized to the on-premise Active
Directory. A security group created in Azure Active Directory will be synchronized to the on-premise Active Directory as a security group.
Device Writeback is enabled in the Azure AD Connect configuration so computers joined to the Azure Active Directory will be synchronized to the on-premise
Active Directory. They will sync to the RegisteredDevices container in the on-premise Active Directory.
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-device-writeback
by acamfox224 at April 2, 2021, 3 p.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
acamfox224
Highly Voted 4 years ago
I am confused... I thought you could only sync O365 groups back to on-prem AD https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-group-writeback
upvoted 18 times
eknnob
4 years ago
you are correct Security group will not sync
upvoted 19 times
...
LillyLiver
3 years, 3 months ago
At first I was thinking "what are you talking about?" So I tried it out in my tenant. I don't have Exchange on-prem, so I can't enable group writeback. Another condition (from the link you supplied) is that Exchange Hybrid has to be setup. In this question it isn't setup. So the group won't be written back. As I understand it anyway.
upvoted 1 times
RenegadeOrange
2 years, 8 months ago
Looks like security groups can be writen back to on-prem now. https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-group-writeback-v2
upvoted 10 times
Paolo2022
2 years, 5 months ago
Thanks for the link! This makes it clear: "There are two versions of group writeback. The original version is in general availability and is limited to writing back Microsoft 365 groups to your on-premises Active Directory instance as distribution groups. The new, expanded version of group writeback is in public preview and enables the following capabilities: - You can write back Microsoft 365 groups as distribution groups, security groups, or mail-enabled security groups. - You can write back Azure AD security groups as security groups."
upvoted 1 times
One111
2 years, 4 months ago
Groups sync v2 can't be configured in Azure AD Connect, but only with PowerShell. Also, there is no way to check GroupWritebackV2 feature status in AADC.
upvoted 1 times
...
...
...
...
...
Eltooth
Highly Voted 4 years ago
Also group write back has specific requirements before only M365 groups can sync back...including Exchange Hybrid. Image shows that Exchange Hybrid is disabled. https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-group-writeback#pre-requisites Answer for security group should be “Not synced back to adatum.com.com”
upvoted 10 times
...
One111
Most Recent 2 years, 4 months ago
Groups sync v2 can't be configured in Azure AD Connect, but only with PowerShell. Also, there is no way to check GroupWritebackV2 feature status in AADC. The new version is enabled on the tenant and not per Azure AD Connect client instance. Make sure that all Azure AD Connect client instances are updated to a minimal build of Azure AD Connect version 2.0 or later if group writeback is currently enabled on the client instance. https://learn.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-group-writeback-v2
upvoted 1 times
...
Mage10
2 years, 5 months ago
answer is correct,"Use Azure AD Connect to write cloud groups, including security groups, back to your on-premises Active Directory. With this preview, you can manage access to on-premises resources with groups that are managed in the cloud.06 Jul 2022" https://www.google.com/search?q=can+security+group+in+azure+ad+sync+back+on+prem&rlz=1C1SQJL_enZA856ZA856&oq=can+security+group+in+azure+ad+sync+back+on+prem&aqs=chrome..69i57j33i160l3j33i22i29i30.30743j0j7&sourceid=chrome&ie=UTF-8
upvoted 2 times
...
amitsharma170490
2 years, 7 months ago
Now you can writeback Azure AD security Groups to On-premise AD: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-group-writeback-v2
upvoted 2 times
One111
2 years, 4 months ago
But it can't be configured or viewed in AADC, it can only be accomplished in PowerShell.
upvoted 1 times
...
...
rajeshrengasamy
2 years, 7 months ago
Answer is correct : Microsoft 365 groups can be written back as Distribution groups, Security groups, or Mail-Enabled Security groups. Azure AD Security groups can be written back as Security groups. (So Azure AD security Group is sync'd as Security Group https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-group-writeback-v2
upvoted 2 times
One111
2 years, 4 months ago
But it can't be configured or viewed in AADC, it can only be accomplished in PowerShell.
upvoted 1 times
...
...
Contactfornitish
2 years, 9 months ago
1. Only O365 groups sync, not security groups 2. Device writeback enabled so device would sync
upvoted 1 times
...
charat
2 years, 11 months ago
Security group won't sync to on-prem AD but the device. However, the device will sync to the RegisteredDevices OU as stated on the answer because device writeback is enabled. Reference article: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-group-writeback https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-device-writeback
upvoted 1 times
charat
2 years, 11 months ago
Important passage regarding group writeback: Groups writeback enables customers to leverage cloud groups for their hybrid needs. If you use the Microsoft 365 Groups feature, then you can have these groups represented in your on-premises Active Directory. This option is only available if you have Exchange present in your on-premises Active Directory.
upvoted 1 times
...
...
BoxGhost
3 years ago
As others have said, only 365 groups will get written back not security groups. The second answer is correct, device writeback will sync AAD devices to the RegisteredDevices OU: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-device-writeback#verify-devices-are-synchronized-to-active-directory
upvoted 1 times
...
RazielLycas
3 years, 2 months ago
Group writeback is for M365 groups only, device writeback send them into the Registered Devices ref: https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-group-writeback https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-device-writeback
upvoted 1 times
...
tf444
3 years, 3 months ago
After searching and searching more here what I found No write-back for the security group, for Office 365 group write back you need an Exchange server on the premises. https://docs.microsoft.com/en-us/azure/active-directory/hybrid/how-to-connect-group-writeback https://docs.microsoft.com/en-us/answers/questions/91022/use-aadconnect-to-create-on-prem-security-groups-a-1.html
upvoted 2 times
...
fofo1960
3 years, 6 months ago
I tested on my lab, the Security groups are not written back to my AD, I don't have any device to join it to Azure AD, so additional comment are welcome
upvoted 1 times
fofo1960
3 years, 6 months ago
But the Microsoft 365 Group are written back, so Security group wont be Synced down to AD
upvoted 1 times
...
...
Davidchercm
3 years, 8 months ago
is the answer for the device showing correct ?
upvoted 2 times
junior6995
3 years, 7 months ago
For the security group, definitely not syncing, for the computers, I'd go for not syncing as well.
upvoted 2 times
...
...
Greyexam
3 years, 10 months ago
All online articles i read seem to indicate that only 365 Groups are compatible with write back. Yet all questions in these exam files seem to indicate that other groups beyond just the 365 type are able to write back ?? Dammit MS which is it?
upvoted 2 times
...
RAJULROS
3 years, 10 months ago
MS-100 Exam question on 28May21
upvoted 2 times
...
PlumpyTumbler
3 years, 11 months ago
MS-101 question anyway.
upvoted 1 times
...
Goseu
3 years, 11 months ago
Groups writeback enables customers to leverage cloud groups for their hybrid needs. If you use the Microsoft 365 Groups feature, then you can have these groups represented in your on-premises Active Directory. This option is only available if you have Exchange present in your on-premises Active Directory.
upvoted 1 times
...
Load full discussion...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago