Connect to Your Existing AD Infrastructure

Know How Guide and Hands on Guide for AWS

AWS Managed Microsoft AD

Connect to Your Existing AD Infrastructure for Managed Microsoft AD

You can configure one-way and two-way external and forest trust relationships between your AWS Directory Service for Microsoft Active Directory and on-premises directories, as well as between multiple AWS Managed Microsoft AD directories in the AWS cloud. AWS Managed Microsoft AD supports all three trust relationship directions: Incoming, Outgoing and Two-way (Bi-directional).
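
One way to review the trusts described above, as an added example that is not from the original page or from AWS: the function walks a response in the shape of the Directory Service `DescribeTrusts` API and flags trusts whose direction, authentication scope or state deserve a second look. The sample response, IDs and domain names are constructed, and selective authentication is a related trust setting that this page does not cover.

```python
"""Review AWS Managed Microsoft AD trusts for direction, scope and state."""

# Constructed sample in the shape of a Directory Service DescribeTrusts
# response; directory IDs, trust IDs and domain names are made up.
SAMPLE_RESPONSE = {
    "Trusts": [
        {"DirectoryId": "d-0000000001", "TrustId": "t-0000000001",
         "RemoteDomainName": "corp.example.com", "TrustType": "Forest",
         "TrustDirection": "Two-Way", "TrustState": "Verified",
         "SelectiveAuth": "Disabled"},
        {"DirectoryId": "d-0000000001", "TrustId": "t-0000000002",
         "RemoteDomainName": "legacy.example.com", "TrustType": "External",
         "TrustDirection": "One-Way: Outgoing", "TrustState": "Verified",
         "SelectiveAuth": "Enabled"},
        {"DirectoryId": "d-0000000002", "TrustId": "t-0000000003",
         "RemoteDomainName": "lab.example.com", "TrustType": "Forest",
         "TrustDirection": "One-Way: Incoming", "TrustState": "VerifyFailed",
         "SelectiveAuth": "Enabled"},
    ]
}

DIRECTIONS = {"One-Way: Outgoing", "One-Way: Incoming", "Two-Way"}
HEALTHY_STATES = {"Created", "Verified", "Updated"}


def review_trusts(response):
    """Return (trust_id, finding) tuples for trusts that need a second look."""
    findings = []
    for trust in response.get("Trusts", []):
        tid = trust.get("TrustId", "<unknown>")
        direction = trust.get("TrustDirection")
        if direction not in DIRECTIONS:
            findings.append((tid, f"unrecognised direction {direction!r}"))
            continue
        # Outgoing and two-way trusts let users from the remote domain
        # authenticate in this directory, so check how that access is scoped.
        if direction != "One-Way: Incoming" and trust.get("SelectiveAuth") != "Enabled":
            findings.append((tid, "remote users trusted without selective authentication"))
        if direction == "Two-Way":
            findings.append((tid, "two-way trust: confirm both directions are required"))
        if trust.get("TrustState") not in HEALTHY_STATES:
            findings.append((tid, f"trust state is {trust.get('TrustState')}"))
    return findings


if __name__ == "__main__":
    for trust_id, finding in review_trusts(SAMPLE_RESPONSE):
        print(f"{trust_id}: {finding}")
```
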

Active Directory Connector

Active Directory Connector guide

AD Connector is a directory gateway (acting as a proxy) with which you can redirect directory requests to your on-premises Microsoft Active Directory without caching any information in the cloud. When connected to your existing directory, all of your directory data remains on your domain controllers. AWS Directory Service does not replicate any of your directory data.

When the AWS service must look up a user or group in Active Directory, AD Connector proxies the request to the directory. When a user logs in to the AWS service, AD Connector proxies the authentication request to the directory. There are no third-party applications that work with AD Connector.

For example:

You can spread application loads across multiple AD Connectors to scale to your performance needs. There are no enforced user or connection limits.

AD Connector cannot be used with your custom applications, as it is used only for secure AWS integration for the three use cases mentioned above.