SAP-CO2
AWS Directory Services – Simple AD
Powered by Samba 4, compatible with Microsoft AD. Does not support MFA, RDS SQL Server, AWS SSO. Supports joining EC2 instances, managing users and groups. Inexpensive AD. Basic AD compatible, LDAP compatibility. No trust relationship setup.
AWS Directory Services – AD Connector
AD Connector is a directory gateway to redirect directory requests to your on-premises Microsoft Active Directory. Manage users solely on-premises. Requires Direct Connect (DX) or VPN setup. No caching capability.
AWS Managed Microsoft AD Replication with On-prem AD solution architecture
To minimize latency, or in case Direct Connect (DX) or VPN goes down, we need to create a replica of the on-prem AD on AWS EC2. The trust relationship is now between EC2 and the AWS Managed Microsoft AD.
AWS Managed Microsoft AD – Connect to on-premise Active Directory (AD)
Must establish a Direct Connect (DX) or VPN connection. Set up a forest trust (one-way trust or two-way forest trust). Replication is not supported.