Question 1

A company is migrating a legacy application to Azure Virtual Machines.

The application relies heavily on LDAP read/write operations, NTLM authentication, and requires virtual machines to be joined to an Active Directory domain. The company does not want to deploy, manage, or patch any domain controller virtual machines in Azure, nor do they want to set up a VPN to their on-premises network.

Which identity service should you recommend?

Accepted Answer

Look for the requirement of legacy protocols (LDAP, NTLM) combined with the constraint of 'no IaaS management' (no patching VMs).

Question 2

What mistakes do candidates make on this AZ-305 question?

Accepted Answer

Confusing Microsoft Entra ID (cloud-native identity) with Microsoft Entra Domain Services (managed legacy AD). Entra ID does not support NTLM or Kerberos.

How to approach this question

Full Answer

Common mistakes

Practice the full Azure Solutions Architect Expert AZ-305 Practice Exam 1

More questions from this exam