Easy · 1 mark · Multiple Choice
Domain 1.2: Authentication and Authorization · Domain 1 · Identity · Azure AD DS · Legacy Auth

AZ-305 · Question 09 · Domain 1.2: Authentication and Authorization

A company is migrating a legacy application to Azure Virtual Machines.

The application relies heavily on LDAP read/write operations, NTLM authentication, and requires virtual machines to be joined to an Active Directory domain. The company does not want to deploy, manage, or patch any domain controller virtual machines in Azure, nor do they want to set up a VPN to their on-premises network.

Which identity service should you recommend?

Answer options:

A. Microsoft Entra Domain Services (formerly Azure AD DS)

B. Microsoft Entra ID (formerly Azure AD)

C. Active Directory Domain Services (AD DS) on Azure VMs

D. Microsoft Entra Application Proxy

How to approach this question

Look for the requirement of legacy protocols (LDAP, NTLM) combined with the constraint of 'no IaaS management' (no patching VMs).

Full Answer

A. Microsoft Entra Domain Services (formerly Azure AD DS) ✓ Correct
Microsoft Entra Domain Services (formerly Azure AD DS) provides managed domain services such as domain join, group policy, LDAP, and Kerberos/NTLM authentication. It is fully compatible with Windows Server Active Directory but is delivered as a managed service (PaaS), meaning you don't need to deploy, manage, or patch domain controllers.

Common mistakes

Confusing Microsoft Entra ID (cloud-native identity) with Microsoft Entra Domain Services (managed legacy AD). Entra ID does not support NTLM or Kerberos.
