Cannot delete AD connector

0

We have an AD connector that cannot be deleted.

It says the console is still attached as an authorized application.

When I try to disable the console, it says "You cannot disable the AWS Management Console because delegated users are still assigned to it. Remove all users and groups from the IAM roles below and try again."

When I click one of the roles it says "The role 'AWS_PRJ_W' may have been deleted or the role’s trust with AWS Directory Service no longer exists. Either recreate the role and then reassign your delegated users, or edit the trust to repair it." Even though that seems a little ridiculous (creating more things to enable something else to be deleted), I gave it a quick try but it still complained about the role.

How do I delete an inoperable AD connector?

bwyoung
asked 3 years ago149 views
3 Answers
0

We block the deletion of the AD Connector when there are still applications linked to it as a safety precaution to prevent customers from unintentionally breaking an AWS application that is still using the directory. However, that can sometimes be more frustrating than helpful. This post is a good example. The error about "the role’s trust with AWS Directory Service no longer exists" means that the AD Connector is Inoperable because it no longer has access to your domain controllers. So you have to update your network settings to reestablish connectivity between the AD Connector and your domain in order to delete those roles. As you have pointed out, this is a lot of work just to delete something. Therefore, I have manually unauthorized the AWS Management Console from your AD connector. This will allow you to delete the AD Connector with out any additional work.

answered 3 years ago
0

Thank you, that worked well. The domain this was connected to is no longer accessible so it would have been impossible to delete otherwise!

Brian

bwyoung
answered 3 years ago
0

How do I go about requesting a manual fix to this problem?

NimLND
answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions