70-346 Study Guide – Managing Office 365 Identities and Requirements

2016-11-16

70-346 Study Guide – Managing Office 365 Identities and Requirements

Official Microsoft Exam –

As I began to study for the 70-346 certification, I noticed outside of Anders Eideblog post there wasn’t much content that linked to EVERYTHING needed to pass the exam. With new content emerging daily, I figured I would mention a few more study materials that would be beneficial. Having past experiencing taking Microsoft certifications, much of the materials are focused towards the office support blog and TechNet articles. Good Luck and Happy Studying!

Skills Measured – Overview

Provision Office 365
Plan and implement networking and security in Office 365
Manage cloud identities
Implement and manage identities by using DirSync
Implement and manage identities using SSO
Monitor and troubleshoot Office 365 availability and usage

Provision Office 365

Module 1 – Managing Office 365 Identities and Services

Provision tenants

How to Provision an Office 365 Tenant

https://www.youtube.com/watch?v=4nHrmhRwfOY

Prepare to provision users through directory synchronization to Office 365

https://technet.microsoft.com/library/hh852478.aspx

Office 365 Plan Options

https://technet.microsoft.com/en-us/library/office-365-plan-options.aspx

Example

You have to assign an Office 365 plan to users that do not require a full Office client, but do support hosted voicemail. What is the least cost plan you must assign?

Office 365 Medium Business
Office 365 Enterprise E1
Office 365 Enterprise E3
Office 365 Enterprise E4

Takeaway

You must know the differences in the various Office 365 plans

Add and configure custom domains

Adding and Verifying a Custom Domain for Office 365

http://office365support.ca/adding-and-verifying-a-domain-for-the-new-office-365/

Set up your custom domain in Office 365

https://support.office.com/en-us/article/Set-up-your-custom-domain-in-Office-365-8482d6ae-dfe9-4792-abc3-1d2cbd3f8cb7?CTT=1&CorrelationId=6c0161ae-22cf-4e5d-a332-4fae0282f350&ui=en-US&rs=en-US&ad=US

Office 365 Service Plan Descriptions

http://technet.microsoft.com/en-us/library/office-365-service-descriptions.aspx

Office 365 Service Plan Comparison

http://technet.microsoft.com/en-us/office/dn788955

Example

You are an administrator for sharepointaaron.com and have to prove domain ownership of your domain for Office 365. What DNS record type do you have to create?

Host record (A)
Text record (TXT)
Service record (SRV)
Alias record (CNAME)

Takeaway

You must know how to setup DNS for user with Office 365 including domain ownership, MX, SRV, and A records like Autodiscover

Plan a pilot

Office 365 Microsoft Deployment Phase Guide

http://technet.microsoft.com/en-us/library/hh852466.aspx

Deployment planning checklist for Office 365

https://technet.microsoft.com/en-us/library/hh852404.aspx

Office 365 OnRamp Tool

https://onramp.office365.com/OnRamp/

Microsoft Office 365 On-Boarding Benefit

http://technet.microsoft.com/en-us/library/office-365-onboarding-benefit.aspx

Overview of Office 365 ProPlus

https://technet.microsoft.com/en-us/library/gg702619.aspx

Example

An organization prepares to implement Office 365. You have the following requirements:

Gather information about the requirements for the Office 365 implementation.
Use a supported tool that provides the most comprehensive information about the current environment.

You need to determine the organization’s readiness for the Office 365 implementation. What should you do?

Run the Windows PowerShell cmdlet Get-MsolCompanylnformation.
Run the OnRamp for Office 365 tool.
Install the Windows Azure Active Directory Sync tool.
Run the Office 365 Deployment Readiness Tool.

Takeaway

Ensure you understand the different Office 365 tools and how to utilize them

Plan and Implement Networking and Security in Office 365

Module 3 & 5 – Managing Office 365 Identities and Services

Configure DNS records for services

Create DNS records at any DNS hosting provider for Office 365

https://support.office.com/en-sg/article/Create-DNS-records-at-any-DNS-hosting-provider-for-Office-365-7b7b075d-79f9-4e37-8a9e-fb60c1d95166

Ports and protocols used by Office 365

https://technet.microsoft.com/en-us/library/hh852522.aspx

Plan for third-party SSL certificates for Office 365

https://technet.microsoft.com/en-us/library/hh852419.aspx

External Domain Name System records for Office 365

https://technet.microsoft.com/en-us/library/hh852557.aspx

Example

You must support all Exchange Online features. You need to create the required DNS entries. Which two DNS entries should you create?

A
SRV
MX
CNAME

Takeaway

Know what DNS records are needed for each service in Office 365

Enable client connectivity to Office 365

Office 365 Best Practice Analyzer Info

http://community.office365.com/en-us/w/deploy/office-365-best-practices-analyzer-for-your-pc.aspx

Remote Connectivity Analyzer

https://testconnectivity.microsoft.com/

Remote Connectivity Analyzer Info

http://technet.microsoft.com/en-us/library/jj851141

Fast Track Network Analyzer (North America)

http://na1-fasttrack.cloudapp.net/o365nwtest

Plan Internet bandwidth using Office 365

https://technet.microsoft.com/en-us/library/hh852542.aspx

Prepare for setup with health, readiness, and connectivity checks

https://technet.microsoft.com/en-us/library/dn771227.aspx

Firewall Ports for Office 365

https://ahandyblog.wordpress.com/cloud-technologies/firewall-ports-for-office-365/

Administer rights management (RM)

Apply Information Rights Management to a list or library

https://support.office.com/en-us/article/Apply-Information-Rights-Management-to-a-list-or-library-3bdb5c4e-94fc-4741-b02f-4e7cc3c54aa1?CTT=5&origin=HA102895193&CorrelationId=00017e40-d550-4449-b011-1ed424a2a129&ui=en-US&rs=en-US&ad=US

TechNet – What is Azure Rights Management?

https://technet.microsoft.com/library/en-us/jj585026

Video – What is Azure Rights Management

https://technet.microsoft.com/en-US/dn833005.aspx

Manage administrator roles in Office 365

Office 365 Administrator Roles – http://technet.microsoft.com/en-us/library/hh852528.aspx

Example

You need to delegate administrator rights to User1 to reset passwords, but User1 must not be able to reset the password for other administrators. Which administrator role must you assign?

Password Admin
Delegate Admin
Billing Admin
Global Admin

Takeaway

Know the difference between the admin roles in Office 365 and permissions required to do certain tasks

Manage Cloud Identities

Module 4 – Managing Office 365 Identities and Services

Configure password management

Reset a users password

https://support.office.com/en-gb/article/Reset-a-users-password-7a5d073b-7fae-4aa5-8f96-9ecd041aba9c

Change how often passwords expire

https://support.office.com/en-in/article/Change-how-often-passwords-expire-d479e71a-f59d-4b2c-9036-755f7b0ff7cf

Exploring the Office 365 Center

http://officeignitelabs.cloudguides.com/Guides/Exploring%20the%20Office%20365%20Administration%20Center.htm

Example

The maximum number of days before a password will expire is ___________ days, while the maximum number of day a user can be notified that a password will expire is __________ days.

30; 730
730; 30
365; 30
30; 365

Takeaway

Know how the Admin Center UI layout and all facts and numbers

Manage user and security groups

User Account Management

http://technet.microsoft.com/en-us/library/office-365-user-account-management.aspx

Office 365 integration with on-premises environments

https://support.office.com/en-au/article/Office-365-integration-with-on-premises-environments-263faf8d-aa21-428b-aed3-2021837a4b65

Exchange Server 2013 Hybrid Deployments

https://technet.microsoft.com/en-us/library/jj200581(v=exchg.150).aspx

Adding Multi-Factor Authentication to Azure Active Directory

https://technet.microsoft.com/en-us/library/dn249466.aspx

Manage cloud identities with Windows PowerShell

Administering Azure Rights Management by Using Windows PowerShell

https://technet.microsoft.com/en-us/library/jj585027.aspx

Manage Office 365 with Windows PowerShell

https://technet.microsoft.com/en-us/library/dn568031.aspx

Example

A company migrates to Office 365. 2,000 active users have valid Office 365 licenses assigned. An additional 5,000 user accounts were created during the migration and testing processes. These users do not have any licenses assigned. You need to remove the Office 365 user accounts that do not have any licenses assigned by using the least amount of administrative effort. Which Windows PowerShell command should you run?

Get-MsolUser -All -EnabledFilter “DisabledOnly” | Remove -MsolUser -Force
Get-MsolUser-EnabledFilter “DisabledOnly” | Remove-MsolUser -Force
Get-MsolUser -All -UnlicensedUsersOnly | Remove-MsolUser -Force
Get-MsolUser -UnlicensedUsersOnly | Remove-MsolUser –Force

Takeaway

Know the PowerShell cmdlets AND there parameters

Look for keywords such as Force and Immediately when answering the question

Implement and Manage Identities by Using DirSync

Module 10 – Managing Office 365 Identities and Services

Prepare on-premise Active Directory for DirSync

Setting up Directory Synchronization with the New Office 365

http://office365support.ca/setting-up-directory-synchronization-with-the-new-office-365/

Install and run the Office 365 IdFix tool

https://technet.microsoft.com/en-us/library/dn750846.aspx

Prepare for directory synchronization

https://technet.microsoft.com/en-us/library/jj151831.aspx#BKMK_ComputerRequirements

Setup up DirSync (WAAD sync tool)

Configure filtering for directory sync

https://msdn.microsoft.com/en-us/library/azure/jj710171.aspx

Deploy Office 365 DirSync in Microsoft Azure

https://technet.microsoft.com/en-us/library/dn635310.aspx

Multi-forest DirSync with SSO Scenario

https://technet.microsoft.com/library/dn510976.aspx

Manage Active Directory users and groups with DirSync in place

Directory Sync – Filtering OU’s to Sync to Office 365

http://office365support.ca/directory-synchronization-filtering-ous-to-synchronize-to-office-365/

Office 365 Mailbox Users Not Showing in On-Premise GAL

http://community.office365.com/en-us/f/613/t/26641.aspx

Manage directory synchronization

https://technet.microsoft.com/en-us/library/jj151821.aspx

Implement and Manage Federated Identities (Single Sign-On)

Module 11 – Managing Office 365 Identities and Services

Plan requirements for Active Directory Federation Services (AD FS)

Can’t Manage or Remover Objects that were Synchronized through the Azure AD Sync tool

http://support.microsoft.com/kb/2619062

Deploying SSO in Office 365

https://www.youtube.com/watch?v=HsDnYtywJNg

Requirements for AD FS

https://technet.microsoft.com/en-us/library/cc771145.aspx

Install and manage AD FS servers

How To Install ADFS 2012 R2 for Office 365

http://blogs.technet.com/b/rmilne/archive/2014/04/28/how-to-install-adfs-2012-r2-for-office-365.aspx

AD FS 2.0 Sign-In Pages Overview

https://technet.microsoft.com/en-us/library/ee895359.aspx

Example

You need to customize the sign-in pages for Office 365. Which ASP.NET page with change the list of trusted claims providers that are displayed?

FormsSignIn.aspx
SignOut.aspx
HomeRealmDiscovery.aspx
IdpInitiatedSignOn.aspx
MasterPage.master

Takeaway

Know the different aspects of the AD FS installation, including the web pages

Install and manage AD FS proxy servers

Setting up ADFS Step by Step

http://office365support.ca/setting-up-adfs-proxy-server-part-1/

Install the Federation Service Proxy Role Service

https://technet.microsoft.com/en-us/library/dd807096.aspx

Example

An organization plans to migrate to Office 365. You use the Windows Azure Active Directory (AD) Sync tool. Several users will not migrate to Office 365. You must exclude these users from synchronization. All users must continue to authenticate against the on-premises Active Directory. You need to synchronize the remaining users. Which three actions should you perform? Each correct answer presents part of the solution.

Populate an attribute for each user account
Disable the user accounts in Active Directory
Perform a full synchronization
Configure the connection filter
Run the Windows PowerShell command Set-MsolDirSyncEnabled – EnableDirSync $ false

Takeaway

You have to know the system and network requirements for AD FS. You also have to know how to setup, customize, and troubleshoot the AD FS server

Monitor and Troubleshoot Office 365 Availability and Usage

Module 12 – Managing Office 365 Identities and Services

Analyze reports