Solved

Unable to join domain controller on EC2

Posted on 2014-04-14
Last Modified: 2014-11-12
Hi, I am hoping someone can assist me please.

I set up a Windows 2008 server on EC2 (Free Version Tier 1) for testing purposes before I go ahead and upgrade. I am having an issue adding my VMware to the domain controller in AWS EC2. The VMware machine has internet connectivity. When I tried adding the VMware to the domain controller (using the CNAME pointing to the AWS public IP address) I am not having any luck; it looks like it's a DNS issue.

Active Directory has been successfully installed, including the DNS service, on AWS EC2. The primary DNS on the LAN is pointing to the primary private IP address of the server. From EC2 Security, I have allowed ICMP, DNS. I have also set up a CNAME from my domain to the public address of the AWS EC2 machine. Note: I have not purchased an Elastic IP address yet, so I tried testing this while the instance is running.

I am able to ping the AWS domain controller public IP address using the CNAME which I had created. I have tried to point the DNS server on the VMware to the public address of the AWS machine and tried adding the VM machine to the DC with no luck.

Any advice please?
Question by:Indulge_209
2 Comments
 

Accepted Solution

by:
Zephyr ICT earned 500 total points
ID: 39998595
Well, first off, setting up a DC on a public address is not really a good idea; Amazon has better solutions for that (e.g. VPC - Virtual Private Cloud)... Besides that, Amazon also has "templates" that will configure the complete AD for you; this is called CloudFormation.

That being said, I understand you wish to try things first, see if it works, and keep costs low. You might benefit from the official AWS documentation concerning Active Directory on EC2, which can be found here... though it's not that extensive.

It will be some work because you need to adjust/configure a lot of security groups/ports, not only DNS/ICMP; you'll need ports for AD, Kerberos, LDAP(S), GC, IPsec maybe ... etc ...

Then you might test by seeing if you can connect to the LDAP server before trying to connect with some application...

Still, it would be a better idea to have a VPC maybe with a direct VPN connection to your office, I don't know what your budget is of course, or what the use will be ...

I'm not saying it's not possible to use EC2 ... I'm just not convinced it's a good idea
0
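As an added example (not part of the answer above and not AWS or Microsoft code), the following sketch audits a security group's inbound rules, in the `IpPermissions` shape returned by `aws ec2 describe-security-groups`, against the well-known default ports a domain member needs on a DC. It reports which ports the client cannot reach and which are open to the whole internet. The rule set, the client address `203.0.113.10` and the function names are constructed for illustration.

```python
import ipaddress

# Well-known default ports a domain member uses on a DC. The dynamic RPC
# range (49152-65535 on Windows Server 2008 and later) is not covered here.
AD_PORTS = {
    ("tcp", 53): "DNS", ("udp", 53): "DNS",
    ("tcp", 88): "Kerberos", ("udp", 88): "Kerberos",
    ("tcp", 135): "RPC endpoint mapper",
    ("tcp", 389): "LDAP", ("udp", 389): "LDAP (DC locator)",
    ("tcp", 445): "SMB",
    ("tcp", 464): "Kerberos password change",
    ("tcp", 636): "LDAPS",
    ("tcp", 3268): "Global Catalog",
    ("tcp", 3269): "Global Catalog over SSL",
}

# Constructed sample: ICMP and DNS open to everyone (as in the question),
# plus one LDAP rule scoped to a hypothetical office range.
SAMPLE = [
    {"IpProtocol": "icmp", "FromPort": -1, "ToPort": -1, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 53, "ToPort": 53, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53, "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
    {"IpProtocol": "tcp", "FromPort": 389, "ToPort": 389, "IpRanges": [{"CidrIp": "203.0.113.0/24"}]},
]

def covers(rule, proto, port):
    """True if an inbound rule admits this protocol/port ("-1" means all traffic)."""
    if rule["IpProtocol"] == "-1":
        return True
    return (rule["IpProtocol"] == proto
            and rule.get("FromPort", 0) <= port <= rule.get("ToPort", 65535))

def audit(ip_permissions, client_cidr):
    """Return (ports the client cannot reach, ports open to 0.0.0.0/0)."""
    client = ipaddress.ip_network(client_cidr)
    missing, world_open = [], []
    for (proto, port), name in sorted(AD_PORTS.items()):
        cidrs = [ipaddress.ip_network(r["CidrIp"])
                 for rule in ip_permissions if covers(rule, proto, port)
                 for r in rule.get("IpRanges", [])]
        if not any(client.subnet_of(c) for c in cidrs):
            missing.append(f"{port}/{proto} {name}")
        if any(c.prefixlen == 0 for c in cidrs):
            world_open.append(f"{port}/{proto} {name}")
    return missing, world_open

if __name__ == "__main__":
    missing, world_open = audit(SAMPLE, "203.0.113.10/32")
    print("Blocked for client:", *missing, sep="\n  ")
    print("Open to the internet:", *world_open, sep="\n  ")
```

Anything in the second list is a DC service exposed to every address on the internet, which is the exposure the answer advises against and the case for scoping rules to the office range or moving the DC behind a VPC and VPN.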
 

Author Closing Comment

by:Indulge_209
ID: 40055400
Thanks
Question has a verified solution.
