ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam MS-100 All Questions

View all questions & answers for the MS-100 exam
Go to Exam

Exam MS-100 topic 3 question 21 discussion

Actual exam question from Microsoft's MS-100
Question #: 21
Topic #: 3
[All MS-100 Questions]

You have a Microsoft 365 subscription that uses an Azure Active Directory (Azure AD) tenant named contoso.com. The tenant contains the users shown in the following table.

You add another user named User5 to the User administrator role.
You need to identify which two management tasks User5 can perform.
Which two tasks should you identify? Each correct answer presents a complete solution.
NOTE: Each correct selection is worth one point.

  • A. Delete User2 and User4 only.
  • B. Reset the password of User2 and User4 only.
  • C. Delete User1, User2, and User4 only.
  • D. Delete any user in Azure AD.
  • E. Reset the password of any user in Azure AD.
  • F. Reset the password of User4 only.
Show Suggested Answer Hide Answer
Suggested Answer: AB 🗳️
Users with the User Administrator role can create users and manage all aspects of users with some restrictions (see below).
Only on users who are non-admins or in any of the following limited admin roles:
✑ Directory Readers
✑ Guest Inviter
✑ Helpdesk Administrator
✑ Message Center Reader
✑ Reports Reader
✑ User Administrator
Reference:
https://docs.microsoft.com/en-us/azure/active-directory/users-groups-roles/directory-assign-admin-roles#available-roles
by sehlohomoletsane at Feb. 12, 2023, 7:57 a.m.

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
mendel79
4 weeks, 1 day ago
Selected Answer: AB
Correct answer is AB user5 can't delete or reset password of Global Admin and Exchange Admin
upvoted 1 times
...
Amir1909
1 year, 2 months ago
Correct
upvoted 1 times
...
m2L
1 year, 4 months ago
Hello Guys, according to the link below, 8 hours is just the required time for the admin to activate the role if a user requests it. For example: if User1 requests an admin role. the PIM admin has 8 hours to activate the role for User1. 8 hours after the requests of User1 if the admin doesn't activate the role for him, the request will expire and User1 has to request again. But if the admin activates the role for User1 within 8 hours, User1 will have 15 days to do his job. After 15 days he will lose the role. https://learn.microsoft.com/fr-fr/entra/id-governance/privileged-identity-management/pim-how-to-change-default-settings
upvoted 1 times
...
st2023
2 years, 1 month ago
Based on these links and some testing I conclude A and B are correct User Admin can: 1.reset password's of these roles: https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#who-can-reset-passwords 2.delete these roles: https://learn.microsoft.com/en-us/azure/active-directory/roles/permissions-reference#who-can-perform-sensitive-actions since exchange admin wasn't listed in the table I tested it myself. -User admin is un-able to reset password for exchange admin(received the following message): ‎Exchange Admin 1‎ : ‎You cannot reset the password for this user because they have admin roles, such as global, billing, Exchange, SharePoint, Compliance, or Skype for Business admin. Only global admins can do that -User admin is un-able to delete exchange admin(received the following message): Delete user failed Couldn't delete this user. Please try again later.
upvoted 3 times
...
sehlohomoletsane
2 years, 2 months ago
AB is correct
upvoted 2 times
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel
exam
Someone Bought Contributor Access for:
SY0-701
London, 1 minute ago