The Schwartz Report

Blog archive

AWS Adds Active Directory Services

Amazon Web Services is now offering a set of new options to run Active Directory as a managed service in its EC2 cloud. The company this week said it's offering three options for its new cloud-based Active Directory Service.

The least expensive option is Simple AD, providing only basic Active Directory capabilities. Second is the AWS Directory Service for Microsoft Active Directory (Enterprise Edition) based on the most recent version included in Windows Server 2012 R2 and the third option is the AD Connector, which customers can link with on-premises AD domains.

The company has provided documentation to determine which service is most suitable. For those looking to create or manage user accounts, group memberships, domain-joining Amazon Elastic Compute Cloud (Amazon EC2) instances running Linux and Windows, Kerberos-based single sign-on (SSO) and group policies, Simple AD is the best choice, according to the company. It's the most suitable option for organizations with less than 5,000 user accounts.

Organizations with more than that or those that require trust relationships between the AWS-hosted version of Active Directory and on-premises directories are better off using the new AWS Service for Microsoft AD, Amazon recommends. It's available when an administrator chooses it as a directory type and is provisioned as a pair of domain controllers that run in multiple AWS Availability Zones available in any region connected to a customer's virtual private cloud (VPC), according to the company. AWS said the service offered includes host monitoring, recovery, replication, snapshots and software updates, which is configured and managed by the company.

AWS describes the AD Connector as a proxy service that links on-premises Active Directory with AWS that don't want to host AD Federation Services or other intricate directory synchronization configurations. The company recommends the connector for those with Active Directory on premises that don't require replication to the AWS-hosted directory. Developers can link to Active Directory using the AWS Directory Service API. Separate reference documentation to that API includes descriptions, syntax and examples of various actions and data types within the service.

Posted by Jeffrey Schwartz on 12/04/2015 at 12:01 PM


  • Microsoft Warns IT Pros on Windows Netlogon Fix Coming Next Month

    Microsoft on Thursday issued a reminder to organizations to ensure that their systems are properly patched for a "Critical"-rated Windows Netlogon vulnerability before next month's "update Tuesday" patch distribution arrives.

  • Microsoft Nudging Skype for Business Users to Teams

    Microsoft on Thursday announced some perks and prods for Skype for Business unified communications users, with the aim of moving them to the Microsoft Teams collaboration service instead.

  • How To Improve Windows 10's Sound and Video Quality

    Windows 10 comes with built-in tools that can help users get the most out of their sound and video hardware.

  • Microsoft Offers More 'Solorigate' Advice Using Microsoft 365 Defender Tools

    Microsoft issued yet another article with advice on how to use its Microsoft 365 Defender suite of tools to protect against "Solorigate" advanced persistent threat types of attacks in a Thursday announcement.

comments powered by Disqus