Issues when initializing AWS Directory Service


Hi, I am new to using AWS Directory Service.

I followed this lab https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_tutorial_test_lab_base.html

Next, I attached an EC2 instance using Domain Join.

My security group settings are as follows:
Inbound: 3389 (My IP); All traffic (10.0.0.0/16)
Outbound: All traffic (Everywhere)

I've added the AmazonSSMManagedInstanceCore and the AmazonSSMDirectoryServiceAccess to my instance profile as well.

However, I am still unable to log in under corp\Admin with the password created when initializing the Directory. Also, I am able to log in as Administrator under the local account.

Is there anything I have done wrong? My directory is AD Standard based on Windows Server 2019.

My end goal is to attach an FSx so that I can create Lambdas to transfer files over SMB.

IaC: https://github.com/andreswebs/terraform-aws-ad-fsx
Lambda SMB: https://aws.amazon.com/blogs/storage/enabling-smb-access-for-serverless-workloads/

Alex
Asked 3 months ago, 218 views
1 Answer

Hello.

Is EC2 able to participate in Active Directory?
It is possible that you are not successfully participating in AD, so please try to participate using the steps in the document below.
Also, check the DNS settings of Windows EC2 and see if you can refer to the Managed AD IP address.
https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/join-a-computer-to-a-domain

Expert
Answered 3 months ago
  • Hi Riku, thanks for providing your response.

    I have tried the manual way of going into the EC2 instance and enrolling it in the domain. After restarting the EC2 instance, it showed that it had enrolled in the domain. However, when trying corp\admin, it failed.

    I once managed to get it through, but subsequently it failed, despite me creating and deleting the directory multiple times, by trial and error.
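
The checks suggested in the answer above (whether the instance is really joined, and whether its DNS points at the Managed AD addresses), written out as an added PowerShell example that is not part of the original thread. The domain FQDN and the two directory DNS addresses are placeholders to replace with the values shown for the directory in the AWS Directory Service console.

```powershell
# Added diagnostic example; run in an elevated PowerShell session on the EC2 instance.
# Assumptions (not from the thread): both values below are placeholders.
$DomainFqdn   = 'corp.example.com'           # placeholder FQDN for the "corp" directory
$DirectoryDns = @('10.0.0.10', '10.0.1.10')  # placeholder directory DNS addresses

# 1. Is the machine actually joined, and to which domain?
$cs = Get-CimInstance -ClassName Win32_ComputerSystem
"PartOfDomain: $($cs.PartOfDomain)  Domain: $($cs.Domain)"

# 2. Does the instance resolve names through the directory's DNS servers?
$configured = (Get-DnsClientServerAddress -AddressFamily IPv4).ServerAddresses |
    Sort-Object -Unique
"Configured DNS servers: $($configured -join ', ')"
foreach ($ip in $DirectoryDns) {
    if ($configured -notcontains $ip) {
        Write-Warning "Directory DNS $ip is not configured on any adapter"
    }
}

# 3. Can domain controllers be located through DNS SRV records?
try {
    Resolve-DnsName -Name "_ldap._tcp.dc._msdcs.$DomainFqdn" -Type SRV -ErrorAction Stop |
        Where-Object { $_.Type -eq 'SRV' } |
        ForEach-Object { "DC located: $($_.NameTarget)" }
} catch {
    Write-Warning "SRV lookup failed: $($_.Exception.Message)"
}

# 4. Are the ports used for domain logon reachable (DNS, Kerberos, LDAP, SMB)?
foreach ($ip in $DirectoryDns) {
    foreach ($port in 53, 88, 389, 445) {
        $r = Test-NetConnection -ComputerName $ip -Port $port -WarningAction SilentlyContinue
        "{0}:{1} reachable = {2}" -f $ip, $port, $r.TcpTestSucceeded
    }
}

# 5. Is the computer account's secure channel to the domain healthy?
if ($cs.PartOfDomain) {
    try { "Secure channel OK: $(Test-ComputerSecureChannel)" }
    catch { Write-Warning "Secure channel test failed: $($_.Exception.Message)" }
} else {
    Write-Warning 'Instance is not domain-joined; domain logons will fail until the join completes.'
}
```

A failure at step 2 or 3 points at DNS, a failure at step 4 at security groups or routing, and a failure at step 5 at a stale computer account, for example after the directory was deleted and recreated.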
