MS-100: Microsoft 365 Identity and Services

MS-100: Microsoft 365 Identity and Services are part of the requirements for the Microsoft 365 Enterprise Administrator Expert certification

Exam requirements

The official exam document are published here: 

Exam preparation

Books covering the exam

Exam Ref MS-100 Microsoft 365 Identity and Services, 1st Edition 

  • Author: Orin Thomas Publisher: Microsoft Press
  • ISBN-13: 978-0135565735
  • ISBN-10: 0135565731

Pre-order on

Video training for the exam


These courses on Pluralsight are for the old 70-346 and 70-347 exams, but covers a lot of the exam objectives in the MS-100 exam:


Online training for the exam

Open edX (free)

Instructor-led training

Microsoft Learning Partner

Exam Objectives

Design and Implement Microsoft 365 Services (25-30%)

  • Manage domains
    • Add and configure additional domains
    • Configure user identities for new domain name
    • Configure workloads for new domain name
    • Design domain name configuration
    • Set primary domain name
    • Verify custom domain
  • Plan a Microsoft 365 implementation
    • Plan for Microsoft 365 on-premises Infrastructure
    • Plan identity and authentication solution
  • Setup Microsoft 365 tenancy and subscription
    • Configure subscription and tenant roles and workload settings
    • Evaluate Microsoft 365 for organization
    • Plan and create tenant
    • Upgrade existing subscriptions to Microsoft 365
    • Monitor license allocations
  • Manage Microsoft 365 subscription and tenant health
    • Manage service health alerts
    • Create & manage service requests
    • Create internal service health response plan
    • Monitor service health
    • Configure and review reports, including BI, OMS, and Microsoft 365 reporting
    • Schedule and review security and compliance reports
    • Schedule and review usage metrics
  • Plan migration of users and data
    • Identify data to be migrated and method
    • Identify users and mailboxes to be migrated and method
    • Plan migration of on-prem users and groups
    • Import PST Files

Manage User Identity and Roles (35-40%)

  • Design identity strategy
    • Evaluate requirements and solution for synchronization
    • Evaluate requirements and solution for identity management
    • Evaluate requirements and solution for authentication
  • Plan identity synchronization by using Azure AD Connect
    • Design directory synchronization
    • Implement directory synchronization with directory services, federation services, and Azure endpoints
  • Manage identity synchronization by using Azure AD Connect
    • Monitor Azure AD Connect Health
    • Manage Azure AD Connect synchronization
    • Configure object filters
    • Configure password sync
    • Implement multi-forest AD Connect scenarios
  • Manage Azure AD identities
    • Plan Azure AD identities
    • Implement and manage Azure AD self-service password reset
    • Manage access reviews
    • Manage groups
    • Manage passwords
    • Manage product licenses
    • Manage users
    • Perform bulk user management
  • Manage user roles
    • Plan user roles
    • Allocate roles in workloads
    • Configure administrative accounts
    • Configure RBAC within Azure AD
    • Delegate admin rights
    • Manage admin roles
    • Manage role allocations by using Azure AD
    • Plan security and compliance roles for Microsoft 365

Manage Access and Authentication (20-25%)

  • Manage authentication
    • Design authentication method
    • Configure authentication
    • Implement authentication method
    • Manage authentication
    • Monitor authentication
  • Implement Multi-Factor Authentication (MFA)
    • Design an MFA solution
    • Configure MFA for apps or users
    • Administer MFA users
    • Report MFA utilization
  • Configure application access
    • Configure application registration in Azure AD
    • Configure Azure AD application proxy
    • Publish enterprise apps in Azure AD
  • Implement access for external users of Microsoft 365 workloads
    • Create B2B accounts
    • Create guest accounts
    • Design solutions for external access

Plan Office 365 Workloads and Applications (10-15%)

  • Plan for Office 365 workload deployment
    • Identify hybrid requirements
    • Plan connectivity and data flow for each workload
    • Plan for Microsoft 365 workload connectivity
    • Plan migration strategy for workloads
  • Plan Office 365 applications deployment
    • Manage Office 365 software downloads
    • Plan for Office 365 apps
    • Plan for Office 365 Pro plus apps updates
    • Plan for Office 365 Pro plus connectivity
    • Plan for Office online
    • Plan Office 365 Pro plus deployment