How to Create Trust Between AWS Managed Active Directory and On-Premises Active Directory

Подписаться 764 тыс.

Просмотров 35 тыс.

50% 1

Learn more about AWS Directory Service at - amzn.to/2vcEdgh.
This will explain how you can create a trust relationship between AWS managed Active Directory (AD) and another AD such as on-premises AD. It will allow you to federate identities and integrate AWS services such as WorkSpaces and RDS with on-premises AD.
More info can be found in the following links:
aws.amazon.com...
docs.aws.amazon...

Наука

Опубликовано:

5 сен 2024

Ссылка:

Скачать:

Готовим ссылку...

Добавить в:

Мой плейлист

Посмотреть позже

Комментарии : 30

@carlosalonsosouza6439 Год назад

Nice presentation. Thank you for sharing. One info though for those that follow this video. Pay attention to the security group of the Managed servers that are created when enabling the instance on AWS . I took some time to figure out why I could not establish the trust from the AWS interface. We must add a rule to authorize outbound network. Cheers

@amazonwebservices Год назад

Thanks, Carlos! We're glad you like it! 😀 🙌

@syedtaqiullahhussaini9419 4 года назад

Very Nice Presentation.

@alecwhitehouse3959 5 лет назад

My assumption with contoso.com is that it is on AWS but we are simulating an on-prem scenario with it?

@charleslassiter6082 Месяц назад

great presentation but the background music is very distracting

@dockert2990 3 года назад

Great presentation, thank you! Is it possible to migrate an AWS managed Microsoft Active Directory to an on-prem/unmanaged AD?

@praveenmor3963 4 года назад

"So far so good" It would have been great if you have added a "WHY" factor as well to all that you are doing.

@connorbrown9500 4 года назад

What peering connection do we have the subnets route table target to connect to 192.168.0.0/16?

@rudresh.h.ddoddamani8389 6 лет назад

Hi I have few questions. please help me on this. 1) Can we create windows 10 or 7 vm in this AWS ? 2) if i create windows 10 or 7 vm in worksspace can we add this Vm in EC domain vm ( wt we create now ) ? please help me on this.

@SriwanthaAttanayake 5 лет назад

You can. A few ways to do that. 1. You can use Amazon workspaces that comes with Windows 10, you can create an VM image and import it to AWS and then spin up a VM out of it. There is no out of the box AMI for windows 10. Any reason why you need to create a VM out of windows 10. Windows 2016 server is pretty much similar

@joshuademebo5745 6 лет назад

Nice video, but I have a question, please how do I add the on-prem CIDR Block IP address on the subnets?

@SriwanthaAttanayake 6 лет назад

Can you give more detailed question. What exactly you are trying to do?

@SriwanthaAttanayake 5 лет назад

Can you be more specific on the question. When you create the subnet you can specify the CIDR block

@tayyabnawaz9773 4 года назад

I followed your's & AWS's tutorial but every example has two domains name merging into one e.g Contoso.com and corp.example.com. Can we not just extend the only one domain name used by On-Prem ( contoso.com) over to AWS and use the resources ? Please reply.

@hamidkhalil9598 2 года назад

Look who I found... XD

@TayyabNawaz3 2 года назад

Hahaha

@microsoft365sachi8 5 лет назад

how to join domain end-user system or our premises.Because AD run on aws premises .

@SriwanthaAttanayake 5 лет назад

You first need to setup a network connectivity between AWS and on premises. Yoiu can use either a VPN based solution or AWS direct connect. Once you setup the network connectivity AWS AD behaves similar to on prem AD and you can domain join on premises machines to AWS. Read more at docs.aws.amazon.com/vpc/latest/userguide/vpn-connections.html and docs.aws.amazon.com/directconnect/latest/UserGuide/Welcome.html

@dconwheels5309 6 лет назад

Do I have to purchase that domain name to configure dns

@SriwanthaAttanayake 5 лет назад

No, you do not need to purchase the domain name. For example, I don't own contoso.com domain, but I can still create a domain out of that name. Of cause you can then use it only internally. You can use any domain name internally.

@ashishtripathi7897 5 лет назад

Hi, I set up the same lab and ping working from cloud to premise and vice versa.but unable to create a trust between cloud and premise. While pinging from cloud to premise with permise domain name its not ping. Please help me to resolve

@markbulmer5227 4 года назад

I just did this lab and had the same issue. I realized it's the Security Group that's automatically created by the Managed AD ... (look into your security groups and you'll see it named similarly to your Managed AD ID, just open the inbound and outbound ports and make sure it's going to the correct address and not just another SG).

@ThangLe-pd6tk Год назад

@@markbulmer5227 I had the same issue. For security group of Managed AD, I allowed all traffic but still error.

@xammocoloniax Год назад

@@ThangLe-pd6tk Me too, can ping both domain names from the other side fine (on ManagedAD side I have a member server in the same subnet as the ManagedAD, added to domain). Security groups allowing all traffic both ways. No luck yet.

@ThangLe-pd6tk Год назад

@@xammocoloniax you can try check peering connection correct or not. Maybe different subnet

@emmanuelorsar1224 2 месяца назад

Very godly presentation. You deserve a leg of my shoe lol. This was totally awesome. Do you have a youtube channel i can sub or follow

@abhijitroy-sz6th 6 лет назад

After login with domain admin i can create user/group but cannot edit/create any GPO. Cannot even change permission it's all grayed out. Please help.

@abhijitroy-sz6th 6 лет назад

issue fixed. thanks.

@SriwanthaAttanayake 6 лет назад

You can create GPO only on a specific organization unit (OU) starting with your domain name. You can't create GPO at any place you like.

@yemigbajobi6168 4 года назад

Just a suggestion..The re needs to be a break in the practical to explain what you want to do and how to achieve. The video seem like a long string with no break in-between.