2016-11-16

70-346 Study Guide – Managing Office 365 Identities and Requirements

Official Microsoft Exam

As I began to study for the 70-346 certification, I noticed outside of Anders Eideblog post there wasn’t much content that linked to EVERYTHING needed to pass the exam. With new content emerging daily, I figured I would mention a few more study materials that would be beneficial. Having past experiencing taking Microsoft certifications, much of the materials are focused towards the office support blog and TechNet articles. Good Luck and Happy Studying!

Skills Measured – Overview

Provision Office 365

Module 1 – Managing Office 365 Identities and Services

Provision tenants

  • How to Provision an Office 365 Tenant

https://www.youtube.com/watch?v=4nHrmhRwfOY

  • Prepare to provision users through directory synchronization to Office 365

https://technet.microsoft.com/library/hh852478.aspx

  • Office 365 Plan Options

https://technet.microsoft.com/en-us/library/office-365-plan-options.aspx

Example

You have to assign an Office 365 plan to users that do not require a full Office client, but do support hosted voicemail. What is the least cost plan you must assign?

  1. Office 365 Medium Business
  2. Office 365 Enterprise E1
  3. Office 365 Enterprise E3
  4. Office 365 Enterprise E4

Takeaway

You must know the differences in the various Office 365 plans

Add and configure custom domains

  • Adding and Verifying a Custom Domain for Office 365

http://office365support.ca/adding-and-verifying-a-domain-for-the-new-office-365/

  • Set up your custom domain in Office 365

https://support.office.com/en-us/article/Set-up-your-custom-domain-in-Office-365-8482d6ae-dfe9-4792-abc3-1d2cbd3f8cb7?CTT=1&CorrelationId=6c0161ae-22cf-4e5d-a332-4fae0282f350&ui=en-US&rs=en-US&ad=US

  • Office 365 Service Plan Descriptions

http://technet.microsoft.com/en-us/library/office-365-service-descriptions.aspx

  • Office 365 Service Plan Comparison

http://technet.microsoft.com/en-us/office/dn788955

Example

You are an administrator for sharepointaaron.com and have to prove domain ownership of your domain for Office 365. What DNS record type do you have to create?

  1. Host record (A)
  2. Text record (TXT)
  3. Service record (SRV)
  4. Alias record (CNAME)

Takeaway

You must know how to setup DNS for user with Office 365 including domain ownership, MX, SRV, and A records like Autodiscover

Plan a pilot

  • Office 365 Microsoft Deployment Phase Guide

http://technet.microsoft.com/en-us/library/hh852466.aspx

  • Deployment planning checklist for Office 365

https://technet.microsoft.com/en-us/library/hh852404.aspx

  • Office 365 OnRamp Tool

https://onramp.office365.com/OnRamp/

  • Microsoft Office 365 On-Boarding Benefit

http://technet.microsoft.com/en-us/library/office-365-onboarding-benefit.aspx

  • Overview of Office 365 ProPlus

https://technet.microsoft.com/en-us/library/gg702619.aspx

Example

An organization prepares to implement Office 365. You have the following requirements:

  • Gather information about the requirements for the Office 365 implementation.
  • Use a supported tool that provides the most comprehensive information about the current environment.

You need to determine the organization’s readiness for the Office 365 implementation. What should you do?

  1. Run the Windows PowerShell cmdlet Get-MsolCompanylnformation.
  2. Run the OnRamp for Office 365 tool.
  3. Install the Windows Azure Active Directory Sync tool.
  4. Run the Office 365 Deployment Readiness Tool.

Takeaway

Ensure you understand the different Office 365 tools and how to utilize them

Plan and Implement Networking and Security in Office 365

Module 3 & 5 – Managing Office 365 Identities and Services

Configure DNS records for services

  • Create DNS records at any DNS hosting provider for Office 365

https://support.office.com/en-sg/article/Create-DNS-records-at-any-DNS-hosting-provider-for-Office-365-7b7b075d-79f9-4e37-8a9e-fb60c1d95166

  • Ports and protocols used by Office 365

https://technet.microsoft.com/en-us/library/hh852522.aspx

  • Plan for third-party SSL certificates for Office 365

https://technet.microsoft.com/en-us/library/hh852419.aspx

  • External Domain Name System records for Office 365

https://technet.microsoft.com/en-us/library/hh852557.aspx

Example

You must support all Exchange Online features. You need to create the required DNS entries. Which two DNS entries should you create?

  1. A
  2. SRV
  3. MX
  4. CNAME

Takeaway

Know what DNS records are needed for each service in Office 365

Enable client connectivity to Office 365

  • Office 365 Best Practice Analyzer Info

http://community.office365.com/en-us/w/deploy/office-365-best-practices-analyzer-for-your-pc.aspx

  • Remote Connectivity Analyzer

https://testconnectivity.microsoft.com/

  • Remote Connectivity Analyzer Info

http://technet.microsoft.com/en-us/library/jj851141

  • Fast Track Network Analyzer (North America)

http://na1-fasttrack.cloudapp.net/o365nwtest

  • Plan Internet bandwidth using Office 365

https://technet.microsoft.com/en-us/library/hh852542.aspx

  • Prepare for setup with health, readiness, and connectivity checks

https://technet.microsoft.com/en-us/library/dn771227.aspx

  • Firewall Ports for Office 365

https://ahandyblog.wordpress.com/cloud-technologies/firewall-ports-for-office-365/

Administer rights management (RM)

  • Apply Information Rights Management to a list or library

https://support.office.com/en-us/article/Apply-Information-Rights-Management-to-a-list-or-library-3bdb5c4e-94fc-4741-b02f-4e7cc3c54aa1?CTT=5&origin=HA102895193&CorrelationId=00017e40-d550-4449-b011-1ed424a2a129&ui=en-US&rs=en-US&ad=US

  • TechNet – What is Azure Rights Management?

https://technet.microsoft.com/library/en-us/jj585026

  • Video – What is Azure Rights Management

https://technet.microsoft.com/en-US/dn833005.aspx

Manage administrator roles in Office 365

Example

You need to delegate administrator rights to User1 to reset passwords, but User1 must not be able to reset the password for other administrators. Which administrator role must you assign?

  1. Password Admin
  2. Delegate Admin
  3. Billing Admin
  4. Global Admin

Takeaway

Know the difference between the admin roles in Office 365 and permissions required to do certain tasks

Manage Cloud Identities

Module 4 – Managing Office 365 Identities and Services

Configure password management

  • Reset a users password

https://support.office.com/en-gb/article/Reset-a-users-password-7a5d073b-7fae-4aa5-8f96-9ecd041aba9c

  • Change how often passwords expire

https://support.office.com/en-in/article/Change-how-often-passwords-expire-d479e71a-f59d-4b2c-9036-755f7b0ff7cf

  • Exploring the Office 365 Center

http://officeignitelabs.cloudguides.com/Guides/Exploring%20the%20Office%20365%20Administration%20Center.htm

Example

The maximum number of days before a password will expire is ___________ days, while the maximum number of day a user can be notified that a password will expire is __________ days.

  1. 30; 730
  2. 730; 30
  3. 365; 30
  4. 30; 365

Takeaway

Know how the Admin Center UI layout and all facts and numbers

Manage user and security groups

  • User Account Management

http://technet.microsoft.com/en-us/library/office-365-user-account-management.aspx

  • Office 365 integration with on-premises environments

https://support.office.com/en-au/article/Office-365-integration-with-on-premises-environments-263faf8d-aa21-428b-aed3-2021837a4b65

  • Exchange Server 2013 Hybrid Deployments

https://technet.microsoft.com/en-us/library/jj200581(v=exchg.150).aspx

  • Adding Multi-Factor Authentication to Azure Active Directory

https://technet.microsoft.com/en-us/library/dn249466.aspx

Manage cloud identities with Windows PowerShell

  • Administering Azure Rights Management by Using Windows PowerShell

https://technet.microsoft.com/en-us/library/jj585027.aspx

  • Manage Office 365 with Windows PowerShell

https://technet.microsoft.com/en-us/library/dn568031.aspx

Example

A company migrates to Office 365. 2,000 active users have valid Office 365 licenses assigned. An additional 5,000 user accounts were created during the migration and testing processes. These users do not have any licenses assigned. You need to remove the Office 365 user accounts that do not have any licenses assigned by using the least amount of administrative effort. Which Windows PowerShell command should you run?

  1. Get-MsolUser -All -EnabledFilter “DisabledOnly” | Remove -MsolUser -Force
  2. Get-MsolUser-EnabledFilter “DisabledOnly” | Remove-MsolUser -Force
  3. Get-MsolUser -All -UnlicensedUsersOnly | Remove-MsolUser -Force
  4. Get-MsolUser -UnlicensedUsersOnly | Remove-MsolUser –Force

Takeaway

Know the PowerShell cmdlets AND there parameters

Look for keywords such as Force and Immediately when answering the question

Implement and Manage Identities by Using DirSync

Module 10 – Managing Office 365 Identities and Services

Prepare on-premise Active Directory for DirSync

  • Setting up Directory Synchronization with the New Office 365

http://office365support.ca/setting-up-directory-synchronization-with-the-new-office-365/

  • Install and run the Office 365 IdFix tool

https://technet.microsoft.com/en-us/library/dn750846.aspx

  • Prepare for directory synchronization

https://technet.microsoft.com/en-us/library/jj151831.aspx#BKMK_ComputerRequirements

Setup up DirSync (WAAD sync tool)

  • Configure filtering for directory sync

https://msdn.microsoft.com/en-us/library/azure/jj710171.aspx

  • Deploy Office 365 DirSync in Microsoft Azure

https://technet.microsoft.com/en-us/library/dn635310.aspx

  • Multi-forest DirSync with SSO Scenario

https://technet.microsoft.com/library/dn510976.aspx

Manage Active Directory users and groups with DirSync in place

  • Directory Sync – Filtering OU’s to Sync to Office 365

http://office365support.ca/directory-synchronization-filtering-ous-to-synchronize-to-office-365/

  • Office 365 Mailbox Users Not Showing in On-Premise GAL

http://community.office365.com/en-us/f/613/t/26641.aspx

  • Manage directory synchronization

https://technet.microsoft.com/en-us/library/jj151821.aspx

Implement and Manage Federated Identities (Single Sign-On)

Module 11 – Managing Office 365 Identities and Services

Plan requirements for Active Directory Federation Services (AD FS)

  • Can’t Manage or Remover Objects that were Synchronized through the Azure AD Sync tool

http://support.microsoft.com/kb/2619062

  • Deploying SSO in Office 365

https://www.youtube.com/watch?v=HsDnYtywJNg

  • Requirements for AD FS

https://technet.microsoft.com/en-us/library/cc771145.aspx

Install and manage AD FS servers

  • How To Install ADFS 2012 R2 for Office 365

http://blogs.technet.com/b/rmilne/archive/2014/04/28/how-to-install-adfs-2012-r2-for-office-365.aspx

  • AD FS 2.0 Sign-In Pages Overview

https://technet.microsoft.com/en-us/library/ee895359.aspx

Example

You need to customize the sign-in pages for Office 365. Which ASP.NET page with change the list of trusted claims providers that are displayed?

  1. FormsSignIn.aspx
  2. SignOut.aspx
  3. HomeRealmDiscovery.aspx
  4. IdpInitiatedSignOn.aspx
  5. MasterPage.master

Takeaway

Know the different aspects of the AD FS installation, including the web pages

Install and manage AD FS proxy servers

  • Setting up ADFS Step by Step

http://office365support.ca/setting-up-adfs-proxy-server-part-1/

  • Install the Federation Service Proxy Role Service

https://technet.microsoft.com/en-us/library/dd807096.aspx

Example

An organization plans to migrate to Office 365. You use the Windows Azure Active Directory (AD) Sync tool. Several users will not migrate to Office 365. You must exclude these users from synchronization. All users must continue to authenticate against the on-premises Active Directory. You need to synchronize the remaining users. Which three actions should you perform? Each correct answer presents part of the solution.

  1. Populate an attribute for each user account
  2. Disable the user accounts in Active Directory
  3. Perform a full synchronization
  4. Configure the connection filter
  5. Run the Windows PowerShell command Set-MsolDirSyncEnabled – EnableDirSync $ false

Takeaway

You have to know the system and network requirements for AD FS. You also have to know how to setup, customize, and troubleshoot the AD FS server

Monitor and Troubleshoot Office 365 Availability and Usage

Module 12 – Managing Office 365 Identities and Services

Analyze reports

  • Use mail protection reports in Office 365 to view data about malware, spam, and rule dections

https://technet.microsoft.com/en-us/library/dn500744%28v=exchg.150%29.aspx

  • View and download reports about service usage in Office 365

https://support.office.com/en-za/article/View-and-download-reports-about-service-usage-in-Office-365-30e5558f-d3c0-4a3b-a0d5-58fc7750c0ad

Monitor service health

  • Service Health and Continuity

https://technet.microsoft.com/library/office-365-service-health.aspx

  • View the status of your services

https://support.office.com/en-in/article/View-the-status-of-your-services-932ad3ad-533c-418a-b938-6e44e8bc33b0?CorrelationId=50b257c0-e072-4a1d-9174-4307873a1c8c&ui=en-US&rs=en-IN&ad=IN

Example

What does this symbol mean in the service dashboard?

serviceHealth

  1. Normal service
  2. Service degradation
  3. Service restored
  4. Restoring service
  5. Extended recovery

Takeaway

You must know the meaning of the service dashboard icons and be able to interpret the status of the service

Isolate service interruption

  • Mail Flow Guided Walkthrough for Office 365

http://support2.microsoft.com/common/survey.aspx?scid=sw;en;3568&showpage=1

  • Hybrid Free/Busy not seeing On Prem

http://community.office365.com/en-us/f/156/t/258148.aspx

Additional Study Materials

PowerShell for common Office 365 Operations

Anderseideblog – MS Exam 70-46 Guide

(Visited 217 times, 1 visits today)

About the author 

Aaron Chatham

Summit Bundle

Get 200+ hours of Microsoft 365 Training for 27$!

Master Office 365, Power Platform & SharePoint & Teams With 200+ Hours Of Training Videos and 108 Ebooks in the Collab365 Academy. This offer is insane and is only available for a limited period.