Broadcom-VMware
2V0-622D · Question #70
2V0-622D Question #70: Real Exam Question with Answer & Explanation
The correct answer is A: Active Directory (Integrated Windows Authentication). Active Directory with Integrated Windows Authentication uses the SSO machine's domain Kerberos identity to authenticate users without exposing the machine's local OS accounts to SSO.
Question
An administrator is configuring an identity source for Single Sign-On. The administrator will use the machine that Single Sign-On is running on, but does not want all users on the machine to be visibile to SSO. Which Identity Source meets this requirement?
Options
- AActive Directory (Integrated Windows Authentication)
- BActive Directory as an LDAP Service
- COpenLDAP
- DLocalOS
Explanation
Active Directory with Integrated Windows Authentication uses the SSO machine's domain Kerberos identity to authenticate users without exposing the machine's local OS accounts to SSO.
Common mistakes.
- B. Active Directory as an LDAP Service requires a separately specified LDAP server hostname and credentials and does not use the SSO machine's own domain membership as its identity source.
- C. OpenLDAP requires an external OpenLDAP directory server to be configured - it is not tied to the SSO machine's local or domain identity and introduces a separate directory dependency.
- D. LocalOS exposes all user accounts from the local operating system of the machine running SSO, which directly violates the requirement of not making all users on that machine visible to SSO.
Concept tested. vCenter SSO identity source selection for local machine domain users
Community Discussion
No community discussion yet for this question.