Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Setting up Microsoft Exchange Server on EC2

0

I am trying to onboard AD and Microsoft Exchange (O365, Outlook) from a third party.

So far, I have completed this ("Test Lab") step for AWS Managed AD: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_tutorial_test_lab_base.html. This is the next: https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_tutorial_test_lab_trust.html.

I understand the above, two tutorials to be prereqs for this task - https://aws.amazon.com/blogs/modernizing-with-aws/how-to-run-microsoft-exchange-server-on-aws-using-amazon-ec2/ - however, I cannot find the second part indicated in that blog post. If anyone knows where that is, it would help.

  1. Do I need AWS Managed AD in order to have a place to bring in the third party's AD Objects (users, groups, etc)? I want my organization to be able to take advantage of AWS SSO, as well as profiles available to associate with AWS Users and Groups, as well.
  2. Do I need to set up the trust between AWS Managed AD and the self-managed Active Directory installation on EC2? I am assuming the email server will run on that same EC2, right?
Argomenti
Sicurezza, identità e conformitàComputazionaliAWS Well-Architected Framework
Tag
Sicurezza, identità e conformitàGestione identità e accesso AWSMicrosoft ExchangeAWS Directory ServiceSicurezza
Lingua
English
jvg
posta un anno fa486 visualizzazioni
1 Risposta
1
Risposta accettata

I believe you don't need to set up additional EC2 AD DS instances if you use AWS Managed AD. Follow these steps to set up AD using AWS Managed AD: https://fitdevops.in/how-to-setup-aws-managed-microsoft-active-directory/ Once you have that in place you can install MS Exchange and connect it to your AWS Managed AD deployment.

However, if this is a new setup, why not just use managed services for both AD and Exchange? Look at the instructions in this video starting with Architecture #3 - https://youtu.be/14BTX5gCs38 With this setup, you can provide the same service, but you won't have to manage the Exchange configuration.

profile picture
Carlos del Castillo
con risposta un anno fa
profile picture
ESPERTO
Giovanni Lauria
verificato un giorno fa
  • jvg
    un anno fa

    Managed services for both seems like a solid way to go. Would you happen to know which pieces I need to bring from my current, third-party vendor in order to get these managed services looking and operating "the same" when I turn them on Day 1? EG, all my current users, groups (AD), and O365 applications and their content (Outlook, etc)? I have done a small AD migration in the past just for the developers in my org, and all that was really needed was the SAML config from the third party; but I have not done onboarded an email server and its contents before.

  • Carlos del Castillo
    un anno fa

    There is actually a document to walk you through the migration of both Active Directory and Exchange:

    Hope this helps and good luck!

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente