Active Directory


About

  • Active Directory is a directory service that stores information about user accounts and lets other users on the network with appropriate permissions access it.

  • It stores information (i.e., objects) in a tree-like hierarchical structure. A group of trees is called a forest.

  • It provides centralized security management, with features such as creating accounts and assigning permissions.

AWS Directory Services

  • There are 3 types of directory services:

AWS Managed Microsoft AD

  • Create your own AD in AWS and manage users locally; supports MFA.

  • Can establish trust connections with your on-premises AD, so that users not in the AWS AD can be looked up in the on-premises AD and vice versa.

  • It comes in Standard and Enterprise Editions:

    • Standard Edition is optimized for 30,000 objects

    • Enterprise Edition is optimized for 500,000 objects

AD Connector

  • It is a direct gateway proxy that redirects requests to the on-premises AD; supports MFA.

  • Users are managed in the on-premises AD.

  • A small connector supports smaller organizations of up to 500 users. A large connector supports larger organizations of up to 5,000 users.


Simple AD

  • AD-compatible managed directory on AWS.

  • It is backed by a Linux-based, Samba AD-compatible server.

  • Cannot be joined with an on-premises AD.

  • EC2 instances running Windows can join the domain controller for the required network and shared AD object details. This acts as an AD closer to the EC2 instance's region.
