Dileep

Reputation: 356

AWS Microsoft AD

I have a couple of .NET web applications installed on an EC2 instance in the AWS cloud. I have a requirement to implement single sign-on using the AWS Directory Service (AWS Microsoft AD). I do have the AWS Microsoft AD in place.

Now the questions are

  1. I cannot see any place from which I can create users and manage groups for the AD. (The documentation says I need to have another EC2 instance with Active Directory installed and connect to AWS AD as a client.) Is there any simple way to do this?

  2. To add the .NET application for SSO, I need to add the application in the Amazon WorkSpaces Application Manager, create the package, etc., which is kind of complicated. Do we have a simple way to just add the application, like we can do in the Azure AD service?

Any pointers and documentation are appreciated.

Upvotes: 0

Views: 223

Answers (1)

Nick Heppleston

Reputation: 1973

  1. I cannot see any place from which I can create users and manage groups for the AD. (The documentation says I need to have another EC2 instance with Active Directory installed and connect to AWS AD as a client.) Is there any simple way to do this?

You will need to deploy the Active Directory Users and Computers MMC Snap-In on a machine that is deployed to the Domain (a quick Google of 'active directory users and computers [+ Your Target OS]' should provide the relevant instructions).

That machine can either be a new or existing (domain-joined) EC2 Instance or an Amazon Workspace instance. Internally we have a dedicated 'Admin' Workspace Instance that we use for all administrative functions, which includes the A/D Users and Computers MMC. Make sure that you log in to this machine as a user that has relevant A/D permissions to make changes.

  2. To add the .NET application for SSO, I need to add the application in the Amazon WorkSpaces Application Manager, create the package, etc., which is kind of complicated. Do we have a simple way to just add the application, like we can do in the Azure AD service?

You have a couple of options for deploying applications to Amazon Workspaces:

  1. Install the .NET Application the traditional way on each Workspace instance - This is by far the easiest option, but is the most time-consuming as you will need to run the installer on each instance; in addition, if you re-build your Workspace from a custom 'Golden Image' or from its original base image, you will lose any apps you install manually.

  2. Create a new custom 'Golden Image' that contains the .NET Application - You only need to install the application once into the Golden Image and then rebuild each user's Workspace Instance with that new image; any files they have on their User Drive will be retained during the re-build process.

  3. Deploy through Active Directory Group Policy - Given that you are using AWS Microsoft AD as your Workspaces Directory Solution AND given that AWS Microsoft AD is a deployment of Active Directory Domain Services (AD DS) Enterprise Edition, anything you can do with AD DS can also be achieved with AWS Microsoft AD - i.e. push your .NET Application to your target Workspaces instances using A/D Group Policy.

Upvotes: 1
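A scripted equivalent of the user and group management described in the answer above, as an added example that is not part of the original answer. It assumes a domain-joined Windows Server instance and a signed-in directory user with delegated rights; the domain name, NetBIOS name, group and user below are constructed placeholders.

```powershell
# Added example: manage AWS Microsoft AD users and groups from a domain-joined
# Windows Server EC2 instance. All names below are constructed placeholders.
$DomainDns   = 'corp.example.com'   # directory DNS name (assumption)
$NetBiosName = 'corp'               # directory NetBIOS name (assumption)
$GroupName   = 'WebApp-SSO-Users'   # hypothetical group for the .NET applications
$UserSam     = 'jdoe'               # hypothetical user logon name

# Install the AD DS tools (Users and Computers snap-in), the AD PowerShell
# module and the Group Policy Management Console.
Install-WindowsFeature -Name RSAT-ADDS, RSAT-AD-PowerShell, GPMC | Out-Null
Import-Module ActiveDirectory

# In AWS Microsoft AD, delegated control applies to the OU named after the
# NetBIOS name, not to the domain root or the built-in containers.
$DomainDn = (Get-ADDomain -Server $DomainDns).DistinguishedName
$UsersOu  = "OU=Users,OU=$NetBiosName,$DomainDn"

# Stop early if the delegated OU cannot be read, which usually means the
# NetBIOS name is wrong or the signed-in account lacks directory permissions.
try {
    Get-ADOrganizationalUnit -Identity $UsersOu -Server $DomainDns -ErrorAction Stop | Out-Null
} catch {
    throw "Cannot read '$UsersOu': $($_.Exception.Message)"
}

# Create the security group only if it does not already exist.
if (-not (Get-ADGroup -Filter "SamAccountName -eq '$GroupName'" -Server $DomainDns)) {
    New-ADGroup -Name $GroupName -SamAccountName $GroupName `
        -GroupScope Global -GroupCategory Security `
        -Path $UsersOu -Server $DomainDns
}

# Prompt for the initial password so it never appears in the script or history,
# and force a change at first logon.
$Password = Read-Host -AsSecureString -Prompt "Initial password for $UserSam"
New-ADUser -Name 'Jane Doe' -SamAccountName $UserSam `
    -UserPrincipalName "$UserSam@$DomainDns" -Path $UsersOu `
    -AccountPassword $Password -Enabled $true `
    -ChangePasswordAtLogon $true -Server $DomainDns

# Grant access through group membership rather than per-user permissions.
Add-ADGroupMember -Identity $GroupName -Members $UserSam -Server $DomainDns
Get-ADGroupMember -Identity $GroupName -Server $DomainDns |
    Select-Object Name, SamAccountName
```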
