Overview
The step-by-step AWS AD Connector setup involves configuring Active Directory (AD) and Domain Name System (DNS) within a Windows Server 2012 R2 instance on Amazon Web Services (AWS). This process encompasses launching the Amazon EC2 instance, setting up AD Domain Services (AD DS), configuring DNS settings to ensure proper name resolution, and integrating AWS AD Connector for seamless authentication and integration of directory services. AWS IAM roles are also established to grant Amazon EC2 instances full access, ensuring a secure deployment and efficient resource management within the AWS environment.
Introduction
Setting up AWS AD Connector involves integrating your on-premises Active Directory (AD) with AWS Directory Service to extend your directory into the cloud. This facilitates seamless user authentication and directory services for AWS resources. In the initial steps, you need to configure your on-premises Active Directory and ensure DNS resolution is correctly configured for your domain. AWS AD Connector acts as a bridge, allowing AWS resources to leverage your existing on-premises AD infrastructure, maintaining a unified identity and access management system across both on-premises and cloud environments. This integration is crucial for organizations seeking a hybrid cloud approach while maintaining a consistent and secure user experience.
Step-by-Step Guide
Step 1: Create a Windows Server 2012 R2 Instance
Log in to the AWS Management Console.
Navigate to the Amazon EC2 service.
Launch a new Amazon EC2 instance, choosing “Microsoft Windows Server 2012 R2 Base” as the AMI.
Configure the instance details, storage, tags, and security group as needed.
Review the settings and launch the instance.
Step 2: Once the instance is running, connect to it using Remote Desktop Protocol (RDP)
Upon login, change the default password to a secure one.
Step 3: Install AD DS Role and Features
Open Server Manager.
Click on “Manage” and select “Add Roles and Features.”
Choose “Active Directory Domain Services” from the list of roles and follow the wizard to install the role.
Complete the installation by accepting the default settings.
Step 4: Create a Forest (e.g., Shubham.in)
After the AD DS installation, a configuration wizard will appear. Choose “Add a new forest.”
Specify the root domain name (e.g., Shubham.in) and complete the wizard.
Step 5: Configure DNS
In Server Manager, select “Tools” and “DNS.”
Create a Reverse Lookup Zone for the subnet of your server.
Create a Forward Lookup Zone for your domain (Shubham.in).
Step 6: Configure Ethernet Settings
Open Ethernet, uncheck the IPv6 protocol, right-click on IPv4, and enter the private IP of the EC2 instance.
Step 7: Create a User and Password in AD
In Server Manager, select “Tools” and “Active Directory Users and Computers.”
Navigate to the Users container and create a new user with a password.
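Steps 3 to 7 can also be run from an elevated PowerShell prompt on the instance. The script below is an added example, not part of the original walkthrough; the subnet CIDR, the adapter name `Ethernet`, and the user name `aduser1` are assumed values, and it assumes the private IP in Step 6 is entered as the adapter's DNS server. Run it once with `-Phase Promote`, let the server reboot, then run it again with `-Phase Configure`.

```powershell
# Added example: Steps 3-7 as a two-phase script (the forest promotion reboots the server).
param(
    [ValidateSet('Promote', 'Configure')] [string] $Phase = 'Promote',
    [string] $DomainName   = 'Shubham.in',   # forest root domain from Step 4
    [string] $ReverseCidr  = '10.0.1.0/24',  # assumed value: the subnet of your server
    [string] $AdapterAlias = 'Ethernet',     # assumed adapter name; check with Get-NetAdapter
    [string] $UserName     = 'aduser1'       # hypothetical account name for Step 7
)
$ErrorActionPreference = 'Stop'

if ($Phase -eq 'Promote') {
    # Step 3: install the AD DS role with its management tools.
    Install-WindowsFeature -Name AD-Domain-Services -IncludeManagementTools

    # Step 4: create the new forest; the DSRM password is prompted for, never hard-coded.
    $dsrm = Read-Host -AsSecureString -Prompt 'DSRM (safe mode) password'
    Install-ADDSForest -DomainName $DomainName -InstallDns `
        -SafeModeAdministratorPassword $dsrm -Force
    return   # the server restarts when promotion completes
}

# Step 5: forward zone (normally already created by -InstallDns) and reverse zone.
if (-not (Get-DnsServerZone -Name $DomainName -ErrorAction SilentlyContinue)) {
    Add-DnsServerPrimaryZone -Name $DomainName -ReplicationScope 'Forest'
}
Add-DnsServerPrimaryZone -NetworkId $ReverseCidr -ReplicationScope 'Forest'

# Step 6: unbind IPv6 and point the adapter's DNS at the instance's own private IP.
Disable-NetAdapterBinding -Name $AdapterAlias -ComponentID 'ms_tcpip6'
$privateIp = (Get-NetIPAddress -InterfaceAlias $AdapterAlias -AddressFamily IPv4 |
    Select-Object -First 1).IPAddress
Set-DnsClientServerAddress -InterfaceAlias $AdapterAlias -ServerAddresses $privateIp

# Step 7: create the user in the Users container with a prompted password.
$dn = 'CN=Users,' + (($DomainName -split '\.' | ForEach-Object { "DC=$_" }) -join ',')
$pw = Read-Host -AsSecureString -Prompt "Password for $UserName"
New-ADUser -Name $UserName -SamAccountName $UserName -Path $dn `
    -AccountPassword $pw -Enabled $true

# Check: the domain name must resolve against this server before AD Connector is created.
Resolve-DnsName -Name $DomainName -Server $privateIp |
    Format-Table Name, Type, IPAddress
```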
Step 8: AWS IAM Role for Amazon EC2 Full Access
Open the AWS Management Console.
Navigate to “IAM” (Identity and Access Management) service.
In the left navigation pane, select “Roles,” then click “Create role.”
Choose “Directory Services” as the service that will use this role.
Attach the policy “AmazonEC2FullAccess” to the role.
Complete the wizard and note the AWS IAM Role ARN.
Step 9: Create AWS Directory Services – AD Connector
In the AWS Management Console, navigate to “Directory Service.”
Click on “AD Connector.”
Choose your AD Connector, then go to the “Networking and security” tab.
In “Application Management,” enable the Application access URL.
In “Application Management,” enable AWS Management Console.
Add the user to “myrole” created in the Windows server.
The AD Connector is now connected to the Windows server.
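The role from Step 8 can be created with AWS Tools for PowerShell so that its trust policy names only the Directory Service principal and only this directory. This is an added example, not part of the original walkthrough; it assumes the `AWS.Tools.IdentityManagement` module and configured credentials, the directory ID is supplied by you after Step 9, and `-PolicyArn` can be pointed at a narrower managed policy such as `arn:aws:iam::aws:policy/AmazonEC2ReadOnlyAccess` when directory users do not need full Amazon EC2 access.

```powershell
# Added example: create or update the Step 8 role with a trust policy scoped to one directory.
param(
    [Parameter(Mandatory)] [string] $DirectoryId,  # the AD Connector's ID, supplied by you
    [string] $RoleName  = 'myrole',                # role name used in Step 9
    [string] $PolicyArn = 'arn:aws:iam::aws:policy/AmazonEC2FullAccess'  # policy from Step 8
)
$ErrorActionPreference = 'Stop'

# Trust policy: only AWS Directory Service may assume the role, and only on
# behalf of the directory whose ID matches the external ID condition.
$trust = @{
    Version   = '2012-10-17'
    Statement = @(@{
        Effect    = 'Allow'
        Principal = @{ Service = 'ds.amazonaws.com' }
        Action    = 'sts:AssumeRole'
        Condition = @{ StringEquals = @{ 'sts:externalid' = $DirectoryId } }
    })
} | ConvertTo-Json -Depth 6

# Reuse the role if the console wizard already created it, otherwise create it.
$existing = $null
try { $existing = Get-IAMRole -RoleName $RoleName } catch { }
if ($existing) {
    Update-IAMAssumeRolePolicy -RoleName $RoleName -PolicyDocument $trust
} else {
    New-IAMRole -RoleName $RoleName -AssumeRolePolicyDocument $trust | Out-Null
}

# Attach the managed policy and list what the role now grants, for review.
Register-IAMRolePolicy -RoleName $RoleName -PolicyArn $PolicyArn
Get-IAMAttachedRolePolicyList -RoleName $RoleName |
    Select-Object PolicyName, PolicyArn
```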
Conclusion
This facilitates a hybrid cloud environment, allowing organizations to leverage the benefits of AWS while maintaining a consistent, secure, and centralized user authentication system across both on-premises and cloud infrastructure.
Drop a query if you have any questions regarding AWS AD Connector and we will get back to you quickly.
About CloudThat
CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.
CloudThat is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner, Microsoft Gold Partner, AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, and many more.
To get started, go through our Consultancy page and Managed Services Package, CloudThat’s offerings.
FAQs
1. How do I change the default password after launching the Windows Server instance on AWS?
ANS: – Connect to the instance using Remote Desktop Protocol (RDP) and change the password upon login for enhanced security.
2. What AWS IAM role is required for the Windows Server instance, and how do I set it up for Amazon EC2 Full Access in AWS?
ANS: – Create an AWS IAM role for Amazon EC2 in the AWS Management Console, attach the “AmazonEC2FullAccess” policy, and note the AWS IAM Role ARN.
3. Can I configure DNS settings after installing Active Directory on the Windows Server?
ANS: – Yes, use Server Manager to access DNS tools, create Reverse and Forward Lookup Zones, and configure Ethernet settings for optimal DNS functionality.
WRITTEN BY Shubham
Shubham works as a Research Intern at CloudThat. He is passionate about technology and cloud computing. He is currently pursuing his Bachelor's Degree in Information Technology. In his free time, Shubham enjoys reading books and playing cricket. Shubham's interest in cloud computing led him to pursue a career in AWS Consulting, where he enjoys helping clients solve complex problems and optimize their cloud infrastructure. He constantly learns and stays up to date with the latest AWS technologies and best practices.