MS-102: Microsoft 365 Administrator

MS-102 training

MS-102T00: Microsoft 365 Administrator is an instructor-led course for administrators who deploy, configure, secure, monitor, and manage Microsoft 365 tenants. Students learn how to manage tenant settings, users, groups, roles, identity synchronization, secure access, Microsoft Defender XDR, Exchange Online Protection, threat intelligence, Microsoft Purview compliance, DLP, retention, and sensitivity labels.

Certification: Microsoft 365 Certified: Administrator Expert
Exam: MS-102: Microsoft 365 Administrator

Why choose Dynamics Edge for MS-102 training?

Dynamics Edge delivers MS-102 training with practical Microsoft 365 administration examples, hands-on labs, certification review, and implementation-focused discussion. The course helps administrators understand how Microsoft 365 tenant management, identity, security, compliance, and service health fit together in real enterprise environments.

• Learn how to administer Microsoft 365 tenants, services, users, groups, licenses, roles, and domains.
• Practice identity synchronization, secure access, Conditional Access, MFA, and Privileged Identity Management.
• Configure Microsoft Defender XDR, Exchange Online Protection, Safe Attachments, Safe Links, alerts, and attack simulation.
• Implement Microsoft Purview retention, DLP, sensitivity labels, information protection, and compliance controls.
• Request private team delivery for Microsoft 365 administration, CMMC readiness, security operations, tenant hardening, or role-based administrator onboarding.

What will you learn in MS-102 training?

Students learn how to administer Microsoft 365 at the tenant level and coordinate across identity, security, compliance, productivity, and monitoring workloads.

• Configure Microsoft 365 tenant settings, organizational profile, domains, service health, subscriptions, users, groups, licenses, and administrator roles.
• Manage Microsoft Entra identity synchronization, Microsoft Entra Connect Sync, Microsoft Entra Cloud Sync, authentication, MFA, SSPR, and secure access.
• Implement Microsoft Defender XDR, Exchange Online Protection, Safe Attachments, Safe Links, Secure Score, alert policies, and attack simulation training.
• Configure Microsoft Purview compliance, retention, archiving, data loss prevention, sensitivity labels, and information protection.
• Monitor Microsoft 365 service health, adoption, usage, reports, alerts, audit logging, and security posture.

Course Outline: Microsoft 365 Administrator MS-102

Learning Path 1: Deploy and manage a Microsoft 365 tenant

Module 1: Configure your Microsoft 365 experience

Students learn how to configure the Microsoft 365 tenant foundation. They review organizational profile settings, tenant properties, themes, service settings, audit logging, Information Rights Management, and Microsoft Graph PowerShell.

Topics include:

• Configure organization profile settings.
• Configure tenant-level Microsoft 365 settings.
• Create and manage custom themes.
• Enable audit logging and required tenant services.
• Install and use Microsoft Graph PowerShell.

Module 2: Manage users, licenses, and groups

Students learn how Microsoft 365 administrators manage users, groups, mail contacts, shared mailboxes, and licenses. They review account creation, group management, group recovery, license assignment, and bulk management options.

Topics include:

• Create and manage users.
• Manage licenses and license assignment.
• Create and manage Microsoft 365 groups.
• Manage security groups and mail-enabled groups.
• Recover groups by using PowerShell.

Module 3: Manage domains and client connectivity

Students learn how custom domains and connectivity settings support Microsoft 365 tenant readiness. They review domain setup, DNS records, service connectivity, and client access considerations.

Topics include:

• Add a custom domain.
• Configure DNS records.
• Validate domain ownership.
• Configure client connectivity to Microsoft 365.
• Review network connectivity and service access.

Module 4: Manage roles, role groups, and tenant health

Students learn how to delegate Microsoft 365 administration and monitor service health. They configure admin roles, role groups, workload permissions, service health notifications, reports, and support requests.

Topics include:

• Assign Microsoft 365 admin roles.
• Manage role groups.
• Delegate administration by workload.
• Monitor service health and reports.
• Submit and track Microsoft support requests.

Module 5: Deploy Microsoft 365 Apps for enterprise

Students learn how administrators manage Microsoft 365 Apps installation and deployment settings. They review licensing, Office installation options, global Office download settings, and user-driven app installation.

Topics include:

• Review Microsoft 365 Apps licensing.
• Configure Office installation settings.
• Manage user-driven installation.
• Configure Microsoft 365 Apps deployment options.
• Review update and connectivity considerations.

Learning Path 2: Implement and manage Microsoft Entra identity and access

Module 6: Prepare for identity synchronization

Students learn how to prepare on-premises identity environments for Microsoft Entra synchronization. They review UPN suffixes, user account cleanup, IdFix, directory readiness, and synchronization planning.

Topics include:

• Configure UPN suffixes.
• Prepare user accounts for synchronization.
• Run IdFix and resolve identity issues.
• Plan Microsoft Entra Connect Sync.
• Prepare directory synchronization prerequisites.

Module 7: Implement identity synchronization

Students learn how to implement and manage synchronized identities. They install Microsoft Entra Connect Sync, initiate synchronization, test group synchronization, force manual synchronization, and validate results.

Topics include:

• Install Microsoft Entra Connect Sync.
• Configure synchronization settings.
• Create test groups for synchronization.
• Force manual synchronization.
• Validate synchronized identities.

Module 8: Manage authentication and secure user access

Students learn how to secure access to Microsoft 365 services with authentication controls. They configure Conditional Access, MFA, pass-through authentication, Smart Lockout, and secure access policies.

Topics include:

• Create Conditional Access policies.
• Implement MFA by using Conditional Access.
• Test included and excluded users.
• Deploy Microsoft Entra pass-through authentication.
• Configure Microsoft Entra Smart Lockout.

Module 9: Implement Privileged Identity Management

Students learn how Privileged Identity Management helps secure administrator access. They configure eligible role assignments, approval workflows, self-activation, teammate approval, notifications, and role activation controls.

Topics include:

• Configure PIM role settings.
• Assign eligible administrator roles.
• Require approval for privileged activation.
• Configure self-approval and teammate approval.
• Review PIM notifications and audit results.

Learning Path 3: Manage security and threats by using Microsoft Defender XDR

Module 10: Manage Microsoft 365 security services

Students learn how Microsoft 365 security services protect users, mail, collaboration, and data. They review Exchange Online Protection, Microsoft Defender for Office 365, Microsoft Secure Score, and core threat protection features.

Topics include:

• Review Microsoft Defender XDR capabilities.
• Configure Exchange Online Protection concepts.
• Review Microsoft Secure Score.
• Configure Safe Attachments.
• Configure Safe Links.

Module 11: Implement Safe Attachments and Safe Links

Students learn how to protect users from malicious attachments and links. They create Safe Attachments policies, create Safe Links policies, validate policy behavior, and review protection settings.

Topics include:

• Create Safe Attachments policies.
• Turn on Microsoft Defender for Office 365 protections.
• Create Safe Links policies.
• Validate Safe Links behavior.
• Review policy propagation and testing considerations.

Module 12: Implement alert policies and threat intelligence

Students learn how to configure alert policies and validate security alerts. They create mailbox permission alerts, SharePoint permission alerts, eDiscovery alerts, and validate alert notifications.

Topics include:

• Prepare RBAC permissions for alert testing.
• Create mailbox permission alerts.
• Create SharePoint permission alerts.
• Review default eDiscovery alerts.
• Validate alert notifications.

Module 13: Implement attack simulation training

Students learn how attack simulation training helps measure and improve user resilience against phishing and malicious links. They configure spear phishing simulations, drive-by URL simulations, and validate simulated attack results.

Topics include:

• Configure attack simulation training.
• Launch spear phishing simulations.
• Launch drive-by URL simulations.
• Enable MFA for simulation administration.
• Validate simulated attack results.

Learning Path 4: Manage compliance by using Microsoft Purview

Module 14: Implement data governance and retention

Students learn how Microsoft Purview supports archiving, retention, records management, and data governance. They configure mailbox archiving and retention policies for test users and all users.

Topics include:

• Activate mailbox in-place archiving.
• Create email retention policies.
• Apply retention policies to test users.
• Apply retention policies to all users.
• Review data governance outcomes.

Module 15: Implement Microsoft Purview Data Loss Prevention

Students learn how DLP policies help prevent sensitive data leakage across Microsoft 365 workloads. They configure DLP policies, custom rules, bypass controls, and policy testing.

Topics include:

• Create DLP policies with custom settings.
• Configure DLP rules and policy tips.
• Disable bypass options when required.
• Test DLP policy behavior.
• Review DLP alerts, events, and reports.

Module 16: Implement information protection and sensitivity labels

Students learn how sensitivity labels and Microsoft Purview Information Protection help classify, label, and protect content. They configure labeling support, create labels, assign labels, and protect documents.

Topics include:

• Install the Microsoft Purview Information Protection client.
• Enable sensitivity labels for SharePoint and OneDrive files.
• Create sensitivity labels.
• Apply labels to documents.
• Protect content with Microsoft Purview Information Protection.

Hands-on labs

The MS-102 labs support hands-on practice for Microsoft 365 administrators. This single consolidated lab list merges the official GitHub-hosted MS-102 labs with the most important lab topics found in the MS-102 PowerPoint lab slides and speaker notes.

• Lab 1: Initialize the Microsoft 365 tenant and configure the organization profile.
• Lab 2: Create a custom Microsoft 365 theme and configure tenant experience settings.
• Lab 3: Enable Information Rights Management for SharePoint Online and turn on audit logging.
• Lab 4: Install Microsoft Graph PowerShell and prepare administrator tooling.
• Lab 5: Manage users, licenses, mail contacts, and Microsoft 365 groups.
• Lab 6: Create additional test groups and recover deleted groups by using PowerShell.
• Lab 7: Add and validate a custom domain in Microsoft 365.
• Lab 8: Manage administrator roles, role groups, and delegated administration.
• Lab 9: Monitor Microsoft 365 service health, reports, mail flow, and support requests.
• Lab 10: Configure Microsoft 365 Apps for enterprise installation and user-driven deployment.
• Lab 11: Prepare for identity synchronization by configuring UPN suffixes, correcting accounts, and running IdFix.
• Lab 12: Implement Microsoft Entra Connect Sync and validate synchronized identities.
• Lab 13: Manage secure user access with Conditional Access, MFA, pass-through authentication, and Smart Lockout.
• Lab 14: Implement Privileged Identity Management with admin approval, self-approval, teammate approval, and eligible role activation.
• Lab 15: Create and validate Microsoft Defender for Office 365 Safe Attachments policies.
• Lab 16: Create and validate Microsoft Defender for Office 365 Safe Links policies.
• Lab 17: Prepare and implement alert policies for mailbox permissions, SharePoint permissions, and eDiscovery activity.
• Lab 18: Conduct attack simulation training with spear phishing and drive-by URL simulations.
• Lab 19: Configure in-place archiving, retention policies, and Microsoft Purview data governance.
• Lab 20: Implement Microsoft Purview DLP policies and sensitivity labels for information protection.

Certification alignment

This course supports preparation for Exam MS-102: Microsoft 365 Administrator. The exam validates the ability to deploy and manage Microsoft 365 tenants, implement and manage Microsoft Entra identity and access, manage security and threats with Microsoft Defender XDR, and manage compliance with Microsoft Purview.

MS-102 skills measured

• Deploy and manage a Microsoft 365 tenant.
• Implement and manage Microsoft Entra identity and access.
• Manage security and threats by using Microsoft Defender XDR.
• Manage compliance by using Microsoft Purview.

Course review

Students should leave the course able to manage a Microsoft 365 tenant across administration, identity, access, security, compliance, and monitoring. The course review should reinforce tenant setup, users, groups, domains, roles, service health, Microsoft 365 Apps, identity synchronization, Conditional Access, MFA, PIM, Defender XDR, Safe Attachments, Safe Links, alert policies, attack simulation, retention, DLP, sensitivity labels, and information protection.

Certification exam review

Exam review should focus on tenant-level administration, identity and access design, Defender XDR threat protection, and Purview compliance scenarios. Priority review areas should include domains, users, groups, licenses, admin roles, Microsoft Graph PowerShell, Microsoft Entra Connect Sync, Conditional Access, MFA, PIM, Secure Score, Defender for Office 365, alert policies, attack simulation training, retention policies, DLP, sensitivity labels, and Microsoft Purview Information Protection.