1 réponse
- Le plus récent
- Le plus de votes
- La plupart des commentaires
0
My understanding is that the Directory Service is private so can not be directly exposed to the internet.
Easiest way would to be add a load balancer to bridge public/private subnets pointing to the DS servers/endpoints.
However, exposing AD to the internet is not a great idea with out lots of controls and security on AD and the VPC. Also bear in mind that AD also uses more than just a single "server" DNS record.
What are you trying to achieve by opening up the directory to the internet?
It might be easier/wiser to create a "multi site" AD setup and have a DC in another location/cloud that is connected to AWS via secure network (VPN, DX).
répondu il y a un an
Contenus pertinents
- demandé il y a un an
- demandé il y a un an
- demandé il y a 6 jours
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a 4 ans
- AWS OFFICIELA mis à jour il y a un an
- AWS OFFICIELA mis à jour il y a un an
Thanks Robin, I am trying to enable RDS authentication with kerberos, and our users are managed by FreeIPA, then I created AWS Directory Service and AWS Managed AD Server instance, want to integrate managed AD with FreeIPA by using LDAP, but facing issue while setup trust.