How can I set up a trust relationship between two AWS Managed Microsoft AD domains, which use the same VPC?

1

I created two AWS Managed Microsoft AD and want to create a trust relationship between them. I found a topic, where a trust relationship is set up between two AWS Managed Microsoft AD in different VPCs, but I would like to to the same in one VPC. Is that possible? I checked the security groups, but they are be ok I think.

When I create the trust relationship I always get the error:

Trust relationship status failed The remote domain is not reachable. Please ensure your security group settings are correct and your conditional forwarder is configured properly. Learn more

asked 4 months ago146 views
1 Answer
0
Accepted Answer

Yes it is possible to create a trust between two AWS Managed Microsoft AD forests. The most common reason for the error message "The remote domain is not reachable" is that the default settings applied to the security group attached to each directory blocks outbound traffic. The steps in this article describe how to allow outbound trust traffic.

https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ms_ad_troubleshooting_trusts.html#no_domain_name

profile pictureAWS
answered 4 months ago
profile picture
EXPERT
reviewed 4 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions