Questions tagged with AWS Directory Service

Setting up SSRS in AWS RDS SQL but we don't have an AWS Managed MS AD. Is it possible to use local accounts instead?lg...

Purchased domain through AWS. Built site through Google. Trying to connect the two. Google can't (won't) verify based on TXT method after more than 72 hrs. DNS TXT is there. Any thing I might be missing?lg...

Hi Have configured AWS Managed Microsoft Active Directory as the Identity source in IAM Identity center and it was successful, However i am not able to see the users synced from AD to IAM Identify Centerlg...

I have a Simple AD directory that is stuck in the delete state for two days. Is there any way I can force this to delete? Please help. Many thanks.lg...

Hi, I'm trying to use my Timestream DB as a dataset for QuickSight BI. Both of them are in the ap-southeast-2 domain, but Timestream is not on the list. (Please find the attached screenshot). The only way I can make this work is by changing the domain to us-east-1,2. Is there any solution to this?? Enter image description here](/media/postImages/original/IMBuBmaHDGRsyCCHZbjfdglA)lg...

Using the following document, https://aws.amazon.com/blogs/security/how-to-enable-ldaps-for-your-aws-microsoft-ad-directory/, I'm attempting to set up server-side LDAPS. I'm running this from us-east-2. I've created a secret with the directory admin and password. Looks just like the example. I've created a S3 bucket that states Public accessible. For the * VPC CIDR - I used the IPV4 CDR for my VPC instance (172.31.0.0/16) * VPC ID - I used the only VPC instance I have. * CA(s) Subnet ID - Select one of the subnet the first subnet from my AD Networking Details, Subnets. * Domain Members Security Group ID - Added a SG for all traffic for 172.31.0.0/16 * Active Directory Domain Service Type - AWSManaged * Domain FQDN DNS Name - The Directory DNS name of the Directory * Domain NetBIOS Name - The Directory NetBIOS name of the Directory * IP used for DNS (Must be accessible) - First DNS address and Second DNS address * Secret ARN Containing CA Install Credentials - Using the ARN from the secret I created. * CA Deployment Type - Two Tier * Use S3 for CA CRL Location - Yes * CA CRL S3 Bucket Name - The name of the publicly accessible S3 bucket I created. After a while I get a CREATE_FAILED, Failed to receive 1 resource signal(s) within the specified duration for SubCA. I'm not sure on how to debug what took too long. Any help would be appreciated.lg...

We have hundreds of machines spread across 12 regions. We started implementing AWS Directory Service Managed AD with multi-region Replication and ran up against the 5 region limit (why the limit if I'm willing to pay for the additional regions?). We'd like to have all of the instances in the same domain as we are a global organization and use machines around the world for sales, service and support of our software products. What is the best practice and architecture **(and how)** to get domain services into the remaining 7 regions?lg...

We have an AD connector that cannot be deleted. We deleted the test AD instance run on EC2 which we have and then when we tried to delete the connector its failed It says the console is still attached as an authorized application. When I try to disable the console, it says "You cannot disable the AWS Management Console because delegated users are still assigned to it. Remove all users and groups from the IAM roles below and try again."lg...

i am running a wordpress instance on lightsail with static ip and am pointing my domain earthjay.com to this. the wordpress works. i want to be able to sftp upload files to a static directory that has the same domain. my wordpress has thousands of existing url links to files in a directory earthjay.com/earthquakes (and subsidiary directories, e.g., earthjay.com/earthquakes/20220914_norcal). i learned that i cannot create a directory 'earthquakes' within htdocs. i created a directory in htdocs, but when i enter that url earthjay.com/earthquakes, the browser just shows my wordpress site. can i use sftp to create a subdirectory in my lightsail space or do i need to create a separate instance where i can place these files. files i want to post include jpg/pngs, pdfs, and other files (e.g., *.docx, *.xlsx, *.zip, etc.). do i use a "bucket?" the key thing is that wherever i place these files, they need to have the ability to be found at e.g., earthjay.com/earthquakes/*.* thanks in advance for your kind assistance.lg...

Hi, I am using AWS IAM as IDP from Root account with AWS SSO (not AD or external), so I have AWS SSO and a SAML application for Jenkins configured on the root account. I have configured the SAML Jenkins app with the following attributes:  And i need propagate to Jenkins the groups to which that user belongs in the AWS SSO, to assign permissions in Jenkins according to the groups that the user has. Is it possible? Regards!lg...

Hi, I am trying to setup the ADFS with App Stream 2.0 with SAML Authentication, and have done all the steps for the needful (Referred from : https://aws.amazon.com/blogs/compute/enabling-identity-federation-with-ad-fs-3-0-and-amazon-appstream-2-0/ ) , but after login to App Stream relay state URL screen, system gives an error: "An unknown error occurred (1355)." As per my research its indicating some DNS issue. When we have checked my system ip configs, its displaying something like this : > **Windows IP Configuration** ( Host Name : EC2AMAZ-NMGRP10 [this is my server system name], Primary Dns Suffix : example.local. > **Ethernet adapter Ethernet** : Connection-specific DNS Suffix : sarvajeevan.com DNS Servers : ::1 127.0.0.1 Username for App Stream is : xyz@example.local As per my understanding, our Active directory domain name is **sarvajeevan.com**, but internal federation domain is **example.local**. Please help us to understand, we are doing something wrong or something needs to fix manually from Route 53 or something else ? Thankslg...

After adding an FSX for window service I can connect to it via the fsmgmt.msc, I can change file security but get an error stating "Changes cannot be saved. This shared resource does not exist. " . We are using AWS managed AD. Any help would be appreciated.lg...