No, AD Connector is a proxy tool that allows AWS services (Chime, QuickSight, AWS VPN, etc.) to make LDAP and Kerberos calls to customer self-hosted Active Directory domains. It is not designed to also proxy this traffic for third-party applications.
Yes, you can use AWS AD Connector to connect your EC2 web server in a private subnet to your existing Active Directory (AD) on-premises. Here’s how you can set it up:
- Network Configuration: Ensure that your VPC and the private subnet where the EC2 instance resides have the necessary routing and security group rules to allow traffic between the AD Connector and your on-premises AD.
- Set Up AD Connector: Create an AD Connector in your AWS account. You will need to specify the directory name, DNS information, and the AD credentials that will be used to connect.
- Security Groups: Make sure the security group associated with the AD Connector allows inbound traffic on the required ports (typically LDAP on port 389 and/or LDAPS on port 636) from your private subnet.
- VPN Configuration: Verify that your site-to-site VPN is correctly configured to allow traffic from your AWS environment to your on-premises AD.
- EC2 Instance Configuration: On your EC2 web server, you may need to configure the application to authenticate against the AD through the AD Connector.
- Testing: After everything is configured, test the connectivity and authentication to ensure that your EC2 instance can successfully communicate with your on-premises Active Directory.
Helpful documentation.
Noted earlier—these documents demonstrate connectivity using AWS Direct Connect, but the same setup can also be achieved easily with AWS Site-to-Site VPN.
- Scenario 1: Using AD connector to proxy authentication to on-premises Active Directory Service
- Scenario 2: Extending on-premises AD DS into AWS (replica)
Following these steps should allow you to connect your private web server to your existing AD using AWS AD Connector. If you encounter specific issues, feel free to ask for further assistance!
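A pre-flight check for the "Security Groups", "VPN Configuration" and "Testing" steps above, added here as an example and not part of the answer or of any AWS tooling. It audits a rule set against the ports the connector must reach on the on-premises domain controllers and then probes the TCP ports over the VPN. Ports 389/636 come from the answer; 53 (DNS) and 88 (Kerberos) are an assumption based on the other answer's note that AD Connector makes LDAP and Kerberos calls, and the rule format and the sample IPs are constructed for this example.

```python
"""Pre-flight check for an AD Connector to on-premises AD (added example)."""
import socket

# Ports AD Connector must reach on each on-premises DC (the DNS IPs you give it).
# 389/636 are from the answer above; 53 and 88 are assumed (DNS and Kerberos).
REQUIRED = {("tcp", 53), ("udp", 53), ("tcp", 88), ("udp", 88),
            ("tcp", 389), ("udp", 389), ("tcp", 636)}


def covers(rule, proto, port):
    """True if one security-group style rule allows proto:port.
    A rule is a dict {"proto": "tcp"|"udp"|"-1", "from": int, "to": int};
    "-1" means all protocols, as in an allow-all outbound rule."""
    return rule["proto"] in (proto, "-1") and rule["from"] <= port <= rule["to"]


def missing_rules(rules, required=REQUIRED):
    """Return the (proto, port) pairs in `required` that no rule allows."""
    return sorted(p for p in required if not any(covers(r, *p) for r in rules))


def tcp_reachable(host, port, timeout=2.0):
    """Open a TCP connection and close it; False on refusal, timeout or no network."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def preflight(dns_ips, rules, timeout=2.0):
    """Audit rules first, then probe the TCP ports on every DC over the VPN."""
    report = {"missing_rules": missing_rules(rules), "unreachable": []}
    for ip in dns_ips:
        for proto, port in sorted(REQUIRED):
            if proto == "tcp" and not tcp_reachable(ip, port, timeout):
                report["unreachable"].append((ip, port))
    return report


if __name__ == "__main__":
    # Constructed sample: a rule set that only opened DNS and LDAP, so the
    # audit flags Kerberos (88), UDP LDAP and LDAPS (636) before any probe runs.
    sample_rules = [{"proto": "tcp", "from": 53, "to": 53},
                    {"proto": "udp", "from": 53, "to": 53},
                    {"proto": "tcp", "from": 389, "to": 389}]
    print(preflight(["10.10.0.10", "10.10.0.11"], sample_rules, timeout=1.0))
```

Run it on the EC2 instance with the real DC IPs; an empty `missing_rules` list and an empty `unreachable` list are what you want to see before creating the connector.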