Solved

Does AWS have a replacement for Active Directory?

Posted on 2016-09-14
Last Modified: 2016-09-19
I have a small network on which I want to use Dropbox for storage.
I need to be able to centrally authenticate my users and also push out policies like GPOs.

Does AWS have this sort of service?
All my users' computers will be on premise, not in the cloud.
Question by:ie0

Expert Comment

by:George Khairallah
ID: 41797905
AWS does have a directory service, which is Microsoft Active Directory compatible, and does support GPO.
You can read more about it here:
https://aws.amazon.com/directoryservice/

Though from what you're asking, it sounds like you would need to establish a VPC with a VPN gateway to your on-prem environment to authenticate that way. Typically for this type of scenario, it's more customary to use an on-prem AD service with an AWS EC2 instance with AD on it, to extend your on-prem environment. The Active Directory service provided by AWS, IMHO, is more suited for workloads that are implemented within the AWS structure or within a specific VPC.

Hope this helps,

Author Comment

by:ie0
ID: 41798146
Sorry, I should have explained, I do not have an on premise AD server.

Accepted Solution

by:
George Khairallah earned 500 total points
ID: 41798163
Correct. I understood that you didn't.
I was simply suggesting that it's usually best practice to have your AD server on premise and have RODC or even a normal DC in the cloud.
But, for an answer directly to your concern, you should be able to use AWS's directory service and connect it to your on-prem machines, but for that, you will need to use AWS's VPN service within the VPC to connect your on-prem network and your AWS network. You will likely be OK as far as cost with the AWS Directory Service, as it's not too expensive, especially if you're good with just a small instance, but there is also a cost associated with the VPN service to keep in mind.

You might also want to look at the SimpleAD FAQ here:
https://aws.amazon.com/directoryservice/faqs/

It will show you what SimpleAD can and cannot do. If it does meet your needs, then great; otherwise, you may be better served by installing AD on an AWS EC2 instance and connecting it to your environment in the same way (i.e., VPN).

Hope this helps :)

Question has a verified solution.
