Cannot delete AD connector

0

We have an AD connector that cannot be deleted.

It says the console is still attached as an authorized application.

When I try to disable the console, it says "You cannot disable the AWS Management Console because delegated users are still assigned to it. Remove all users and groups from the IAM roles below and try again."

When I click one of the roles it says "The role 'AWS_PRJ_W' may have been deleted or the role’s trust with AWS Directory Service no longer exists. Either recreate the role and then reassign your delegated users, or edit the trust to repair it." Even though that seems a little ridiculous (creating more things to enable something else to be deleted), I gave it a quick try but it still complained about the role.

How do I delete an inoperable AD connector?

bwyoung
Asked 4 years ago, 730 views
4 Answers
0

We block the deletion of the AD Connector when there are still applications linked to it as a safety precaution to prevent customers from unintentionally breaking an AWS application that is still using the directory. However, that can sometimes be more frustrating than helpful. This post is a good example. The error about "the role’s trust with AWS Directory Service no longer exists" means that the AD Connector is Inoperable because it no longer has access to your domain controllers. So you have to update your network settings to reestablish connectivity between the AD Connector and your domain in order to delete those roles. As you have pointed out, this is a lot of work just to delete something. Therefore, I have manually unauthorized the AWS Management Console from your AD connector. This will allow you to delete the AD Connector without any additional work.

AWS
Answered 4 years ago
0

Thank you, that worked well. The domain this was connected to is no longer accessible so it would have been impossible to delete otherwise!

Brian

bwyoung
Answered 4 years ago
0

How do I go about requesting a manual fix to this problem?

NimLND
Answered 3 years ago
0

Hi, I have the same problem: "You cannot disable the AWS Management Console because delegated users are still assigned to it. Remove all users and groups from the IAM roles below and try again." I can't delete the role although I don't have any user assigned to the role. Can you help me? Santos

Santos
Answered 5 months ago
