Easy · 1 mark · Multiple Choice
Tags: Domain 1.2: Authentication and Authorization · Domain 1 · Azure AD DS · Legacy Authentication · Migration

AZ-305 · Question 09 · Domain 1.2: Authentication and Authorization

You are migrating a legacy application to Azure Virtual Machines. The application relies heavily on LDAP read/write operations and NTLM/Kerberos authentication.

The company has already synchronized their on-premises Active Directory to Microsoft Entra ID (Azure AD) using Entra Connect. They want to decommission their on-premises domain controllers and do not want to manage any domain controller VMs in Azure (IaaS).

Which service should you recommend to support the legacy application?

Answer options:

A. Microsoft Entra ID (Azure AD)

B. Microsoft Entra Domain Services (Azure AD DS)

C. Microsoft Entra Application Proxy

D. Active Directory Federation Services (AD FS)

How to approach this question

Identify the PaaS service that provides legacy AD protocols (NTLM, Kerberos, LDAP) in Azure.

Full Answer

B. Microsoft Entra Domain Services (Azure AD DS) ✓ Correct
Microsoft Entra Domain Services (formerly Azure AD DS) provides managed domain services such as domain join, group policy, LDAP, and Kerberos/NTLM authentication. It synchronizes with your existing Entra ID tenant. This allows you to lift-and-shift legacy applications that require these protocols to Azure without having to deploy and manage Windows Server Domain Controllers on VMs.

Common mistakes

Assuming native Entra ID supports LDAP or Kerberos. It only supports modern protocols like SAML, OAuth 2.0, and OpenID Connect.
