MS-102 is the Microsoft 365 administrator certification exam that consolidates the former MS-100 and MS-101 paths into one assessment of tenant-wide administration, identity, security, and compliance.
MS-102 is the exam for the Microsoft 365 Administrator role. It is commonly confused with MD-102, but the two exams measure different work: MS-102 is about administering Microsoft 365 services across the tenant, while MD-102 is about endpoint administration, Windows, and Intune-led device management.
Last updated: June 2026. This guide has been revised to correct the MS-102 and MD-102 distinction, reflect the MS-100 and MS-101 transition into MS-102, and place exam logistics, skill areas, and preparation guidance in one coherent path. Microsoft can revise skills measured, booking policies, languages, and pricing, so candidates should confirm those details on Microsoft Learn and Pearson VUE before registering.
MS-102 is designed for administrators who manage Microsoft 365 at the tenant level. The role sits across identity, access, security, compliance, user lifecycle administration, service health, and governance. A candidate does not need to be the deepest specialist in every workload, but they should understand how Entra ID, Exchange Online, SharePoint, Microsoft Teams, Microsoft 365 Defender, and the Microsoft Purview Compliance portal interact in a real organisation.
This is where many candidates choose the wrong study path. Someone preparing heavily for Windows deployment, device compliance profiles, Autopilot, and day-to-day Intune endpoint operations may be preparing more for MD-102 than MS-102. Those endpoint skills are valuable, and the MD-102 Endpoint Administrator course is a better fit when the job focus is device management rather than cross-workload Microsoft 365 administration.
MS-102 is also different from an entry-level fundamentals exam. Candidates who are still learning the vocabulary of Microsoft 365 services, cloud identity, collaboration, licensing, and security concepts may benefit from starting with fundamentals before attempting an administrator-level exam. By contrast, administrators already responsible for tenant settings, security defaults, Conditional Access, compliance policies, and Microsoft 365 Defender workflows can usually move directly into MS-102 preparation.
For identity-focused professionals, MS-102 can be paired later with SC-300, the Identity and Access Administrator path. That pairing often makes sense when a role involves Conditional Access design, identity governance, privileged access, and hybrid identity at greater depth. MD-102 is a stronger companion when the organisation separates tenant governance from endpoint operations and the candidate’s role is closer to modern desktop administration.
MS-102 is scheduled through Pearson VUE from the Microsoft certification exam page. Candidates should expect a Microsoft certification exam experience that may include case studies, multiple-choice questions, multiple-select questions, drag-and-drop ordering, scenario-based decision items, and best-answer questions. The exact mix is not guaranteed, which is why preparation should focus on applied decision-making rather than memorising screens.
Microsoft publishes the current exam duration, scoring model, available languages, regional pricing, registration options, and retake policy in its official exam and certification documentation. Those details can change by country and over time, so the safest approach is to verify them during the registration flow rather than relying on copied figures from older blog posts. Candidates should also read the current Microsoft exam retake policy before booking a second attempt, because waiting periods and eligibility rules are policy-driven rather than course-provider rules.
The practical registration flow is straightforward. A candidate signs in with a Microsoft account, selects MS-102 from the Microsoft certification exam page, reviews the current skills measured, chooses Pearson VUE as the exam delivery provider, selects an online or test-centre appointment where available, confirms identification requirements, and pays the regional exam fee shown during checkout. If accommodations are needed, they should be arranged through Microsoft’s approved process before scheduling, not assumed on exam day.
The official Microsoft Learn skills measured outline is the source of truth for MS-102. Rather than treating the outline as a list of pages to memorise, candidates should read it as a map of the role. The exam expects administrators to reason about policy choices, licensing implications, administrative boundaries, service dependencies, and security outcomes.
| Skill area | What it means in practice |
|---|---|
| Microsoft 365 tenant deployment and management | Managing tenant settings, service configuration, user lifecycle, groups, licensing, administrative roles, service health, and adoption-related controls. |
| Identity and access with Microsoft Entra ID | Configuring users, groups, roles, authentication methods, Conditional Access, hybrid identity, identity synchronisation, and access controls. |
| Security and threat protection with Microsoft 365 Defender | Using Defender capabilities, Secure Score, threat policies, incident queues, alert investigation, Exchange Online Protection, and security posture improvement. |
| Compliance with Microsoft Purview | Working with retention, data loss prevention, sensitivity labels, audit, eDiscovery concepts, information protection, and compliance policy alignment. |
The weight of these areas is published in the current Microsoft Learn skills measured outline. Candidates should use those official ranges to decide how to allocate study time, but they should avoid turning weighting into tunnel vision. A case study can combine identity, licensing, Defender alerts, and compliance requirements in one scenario, which means weak fundamentals in one area can affect performance in another.
The value of MS-102 preparation becomes clearer when it is linked to everyday administration. A common example is onboarding a new business unit into an existing Microsoft 365 tenant. The administrator may need to create groups, assign licences through group-based licensing, apply baseline Conditional Access, configure Teams and Exchange controls, review Defender recommendations, and decide whether retention, DLP, or sensitivity labels are the right mechanism for a data-handling requirement.
Those decisions are rarely isolated. A retention policy can preserve content for a required period, while a DLP policy can prevent sensitive data from being shared inappropriately. They solve different problems and can create confusion when applied without a governance model. Similarly, Conditional Access may improve security posture, but poor testing can lock out users or disrupt service accounts if exclusions, break-glass accounts, and authentication methods are not planned carefully.
A realistic MS-102 scenario might start with a finance department that needs stronger controls around external sharing and access from unmanaged devices. The administrator would review users and groups in Entra ID, confirm licensing, create a test group, configure a Conditional Access policy in report-only mode, review sign-in logs, assess related Defender recommendations, and then align a DLP policy in the Microsoft Purview Compliance portal for the data type being protected. No single screen is the point; the skill is understanding how identity, security, and compliance controls work together without causing operational damage.
A four-to-six-week plan works well for administrators who already have Microsoft 365 exposure. Candidates starting from helpdesk or general systems administration may need longer, especially if they have limited experience with Entra ID, Purview, Defender, or hybrid identity. The aim is to build enough hands-on fluency to explain why a configuration is chosen, not merely where it appears in the admin centre.
The first stage should be orientation. Candidates should read the current Microsoft Learn exam page, download or review the skills measured outline, and mark topics as familiar, partial, or new. This quickly exposes the common mistake of studying Microsoft 365 as a set of unrelated portals. MS-102 expects the administrator to connect licensing, identity, protection, and compliance decisions across workloads.
The second stage should be lab work in a non-production tenant. The Microsoft 365 Developer Program can be used where eligible to provision a safe practice environment, and candidates should avoid experimenting in a live business tenant unless they have explicit permission and change controls. Useful lab work includes creating users and groups, testing group-based licensing, configuring authentication methods, reviewing Conditional Access behaviour, exploring Exchange Online Protection settings, and working through DLP and retention examples in the Compliance portal.
The third stage should bring in command-line and automation awareness. A frequent preparation mistake is over-focusing on admin-centre clicks while ignoring PowerShell and Microsoft Graph concepts. Candidates do not need to become automation engineers for MS-102, but they should recognise when administrative tasks are better validated or repeated through commands, especially for users, groups, licences, roles, and audit-related checks.
The fourth stage should focus on hybrid identity and operational troubleshooting. Skipping Entra Connect and cloud sync concepts leaves a gap because many Microsoft 365 environments still involve synchronised identities. Candidates should understand source of authority, password hash synchronisation, pass-through authentication concepts, multifactor authentication, break-glass access, and the implications of changing identity settings in a production environment.
The final stage should be exam rehearsal. Practice questions are useful when they explain reasoning, but they should never become a substitute for Microsoft documentation and lab work. Candidates should review weak domains, practise reading long scenario stems, and learn to identify constraints such as licensing, least privilege, compliance requirements, user impact, and security risk.
Readers who prefer a structured route can use Readynez for guided preparation within the broader Microsoft training catalogue, but the core preparation principles remain the same: work from the official skills outline, build a lab, practise realistic administration tasks, and review mistakes carefully.
MS-102 rewards calm reading and prioritisation. Scenario stems can be long, and several answers may look plausible if the candidate has not noticed a licensing constraint, a compliance requirement, a hybrid identity dependency, or a least-privilege condition. The strongest approach is to answer the question being asked, not the broader topic the question happens to mention.
Good time management matters because the exam can include items that require interpretation rather than recall. Candidates should pay close attention to words such as “least administrative effort,” “most secure,” “minimum permissions,” “without affecting existing users,” and “meets the compliance requirement.” Those phrases usually define the answer more than the product name in the question.
MS-102 signals readiness for Microsoft 365 administration across multiple workloads. In hiring and internal promotion discussions, it is strongest when paired with evidence of practical tenant administration: managing access, handling user lifecycle changes, working with Defender incidents, interpreting Secure Score recommendations, and understanding compliance controls.
It should not be read as proof that someone is a specialist in every connected domain. Identity-heavy roles may still value SC-300, security operations roles may look for Microsoft security certifications, and endpoint-heavy teams may prefer MD-102. The strength of MS-102 is that it shows the administrator can operate across the Microsoft 365 tenant and understand how decisions in one area affect another.
The best next step depends on the work the candidate wants to do. Newer learners may need fundamentals before MS-102. Endpoint administrators should compare the Microsoft 365 administrator path with MD-102. Identity-focused administrators may progress toward SC-300 after MS-102. Administrators planning more than one Microsoft certification over the year may also compare self-study, individual courses, and Unlimited Microsoft Training options before committing to a study route.
A practical way to apply this is to start with the official MS-102 skills outline, map each domain to real tasks in a lab, and close the gaps before booking the exam. If structured guidance would help clarify the route, Readynez can discuss suitable Microsoft training options through its contact team without replacing the need for hands-on practice and official documentation.
MS-102 maps to the Microsoft 365 Administrator role. It replaced the older MS-100 and MS-101 route as the main administrator exam for tenant-level Microsoft 365 administration. It should not be confused with MD-102, which is focused on endpoint administration.
No. MS-102 focuses on Microsoft 365 tenant administration, identity, security, and compliance. MD-102 focuses on endpoint administration, including device and Windows management scenarios. Candidates should choose based on their job role rather than the similarity of the exam codes.
Preparation should start with the official Microsoft Learn skills measured outline, followed by hands-on work in a non-production Microsoft 365 tenant. Candidates should practise Entra ID administration, Conditional Access, group-based licensing, Defender workflows, Exchange Online Protection, retention, DLP, and Microsoft Purview compliance tasks.
Hands-on practice is strongly advisable. The exam is role-based and scenario-driven, so candidates need to understand how settings affect users, groups, policies, licensing, security alerts, and compliance outcomes. Lab work also reduces the risk of memorising portal steps without understanding operational impact.
Candidates should check the current Microsoft exam page, Microsoft Learn certification documentation, and Pearson VUE registration flow. Pricing, languages, delivery options, duration, and retake rules can vary or change, so official sources should be used before booking.
Get Unlimited access to ALL the LIVE Instructor-led Microsoft courses you want - all for the price of less than one course.
You're viewing our global site from United States
Would you like to view the site in
English
with prices in
Dollar?