Exam 70-346 Cheat Sheet - Part I

All the information you need to pass the first of the exams in the MCSA:Office 365 series

I recently sat this microsoft exam and passed with high score. I have been in the field for a while now and have worked with Office 365 since the beginnings but do not let that fool you! I'm not an "expert" and no! This exam was not mega-easy for me. I think the difference this time was that:

A. I Enjoy working with 365

B. I took the time to study properly: read every book I could get hold of, lots of blogs, articles, had discussions with mentors and seniors, etc.

I actually enjoyed for the first time the whole experience of sitting a Microsoft Exam (Except for the odd "doesnt-make-any-sense" Microsoft Powershe ll question).

Anyway long story short, all this study led to feeling confident enough AND gave me the right amount of knowledge to write in my own words, my own "documentation" or "cheat sheet" which I now would like to share with the Gooroo community.

Please note Office 365 as any other SaaS product changes often and there might be some parts which require updates but the core knowledge is here. Also though I tried to keep everything as tidy as I could, this is a home-made cheat sheet so it can have some typos, erratas, etc.

This is a work in progress and I will keep updating as we go.

WIthout further introduction, Lets get Started!

I higly suggest using this guide after you have studied either the Exam ref book, cbtnuggets, pluralsight, etc. as its ment to be a bulletpoint review of you what the exam content would be like

First of all is always good to have a print out of the list of Skills meassured or exam content so you can use as a reference and take notes which are your strenghts or areas of opportunity. You can find it here.

70-346 Identities and Requirements

To setup Office 365:

  1. Setup an Office 365 plan.
  2. Configure the Global Administrator account recovery information.
  3. Configure the custom domain and DNS.

Power Shell can be used to manage Office 365, you first need to download the Microsoft Online Services Sign-In Assistant.

The following three filtering configuration types can be applied to the Directory Synchronization tool: 1. Organizational-unit (OU)–based: You can use this filtering type to manage the properties of the SourceAD Management Agent in the Directory Synchronization tool. This filtering type enables you to select which OUs are allowed to synchronize to the cloud.

  1. Domain-based: You can use this filtering type to manage the properties of the SourceAD Management Agent in the directory synchronization tool. This type enables you to select which domains are allowed to synchronize to the cloud

  2. User-attribute–based: You can use this filtering method to specify attribute-based filters for user objects. This enables you to control which objects should not be synchronized to the cloud.

FIM is used to assign filters to Azure Active Directory Sync. To exclude users from being synced use FIM:

  1. Populate an attribute in Active Directory, because you need a filter argument
  2. Configure a filter based on that attribute
  3. Perform a full synchronization

If Azure Active Directory Sync is not used to create accounts in Office 365 and you still want to use a bulk import mechanism to create users in the cloud export the users from your on premises Active Directory and then create a Power Shell script.

After deploying ADFS tenant password policies are handled by the local Active Directory Environment and note Office 365. So even if you got 2 different password policies all the users will be synched by Azure Active Directory Sync.

If you are migrating SIP Domains to Lync Online, don’t forget that you must have a public routed domain suffix. For Example a lot of companies are using mycompany.local. A .local suffix is at the moment a non public routed DNS Suffix. So suffixes such as contoso.local or a Netbios Name such as contoso can not be migrated.

To determine if a company is ready to use Office 365 you can use the OnRamp for Office 365 tool.

To add a custom domain to Office 365 the first thing you need to do is add the custom domain and verify it.

The Service Administrator role cannot reset or change password of other Office 365 users.

If you want to grant the permissions to a user to monitor Exchange Online Services in Office 365, assign the Service Administrator role and grant this user administrative permissions in Exchange Online. You need to do these two steps as a signed in Global Admin Account.

The Global Admin can manage the company information in Office 365.

The Lync Bandwidth Analyzer can be used to estimate the post migration network traffic of Lync Online.

With Enable-AadrmSuperUserFeature you can activate the Administrator function in Active Directory Rights Management. This is not enabled by default. If it is turned on you can configure who is authorized to administer the rights management service.

To analyze the trends for email messages received over the past 60 days and get SPAM statistics use the Mail Protection Reports

To troubleshoot Exchange Online and Exchange on premise problems for example if a user can not see free / buys information of other users, use the Remote Connectivity Analyzer with Office 365 tab selected.

You can use the Remote Connectivity Analyzer to verify your external Lync Settings too.

You can use System Center Operations Manager with the Office 365 Management Pack and a Watcher Node PC to configure notification if Microsoft plans a Maintenance for Office 365.

To view the service health and maintenance reports of the past seven days you can use the Service Health Page in the Office 365 Admin Center or subscribe to the RSS Notification Feed.

If you want to grant the permissions to a user to monitor Exchange Online Services in Office 365, assign the Service Administrator role and grant this user administrative permissions in Exchange Online. You need to do these two steps as a signed in Global Admin Account.

The Global Admin can manage the company information in Office 365.

The Lync Bandwidth Analyzer can be used to estimate the post migration network traffic of Lync Online.

To track the sending of confidential information you can use DLP Policies. To get a report of any sent mail matching a DLP look for the:

  1. Rule matches for sent mail
  2. DLP Policy matches for sent mail

With Enable-AadrmSuperUserFeature you can activate the Administrator function in Active Directory Rights Management. This is not enabled by default. If it is turned on you can configure who is authorized to administer the rights management service.

To get all the features in Exchange Online you need to create the following records:

  1. CNAME
  2. MX

The prerequisites for the Azure Active Directory module for Windows Power Shell installed on Server 2012 are:

  1. Microsoft Online Services Sign-In Assistant
  2. Microsoft .Net Framework 3.5
  3. Windows Azure Active Directory module for Windows Power Shell

DirSync Requirements:

  1. Microsoft .Net Framework 3.5 SP1 and Microsoft .Net Framework 4.0
  2. A member server running 2008 or 2012
  3. Forest functional level of 2003

When User synchronization is used all users information such as department etc. must be maintained in the on premise Active Directory.

DNS Record examples:

  1. TXT: They help prevent outbound email messages from being flagged as SPAM
  2. MX: Configures email message routing.
  3. CNAME: Outlook autodiscover record is used to help user to configure client.

Please find the rest of the guide in Part II( Coming Soon)