AWS Directory Service Flashcards
What is the group of products belonging to Azure Directory Services?
- Simple AD
- Microsoft Active Directory
- AD Connector
- Amazon Cognets
- Amazon Cloud Directory
What is SimpleAD?
- Low-cost directory service based on Samba 4.
- Not a MS AD and wond work for large enterprise and complex environment.
- No trust relationships
- 10 Directory limit
What is Microsoft Active Directory?
- It is an MS cluster (HA), in Multi AZ.
- No federation
- Not for large scale applications
- More expensive then SimpleAD
What AD Connector
It is a proxy that bridges between on-prem and AD
I require an enterprise level AD, should i use SimpleAD or Microsoft AD services from AWS?
- No, both are not suitable for large scale enterprise-level deployments.
- Simple AD is Samba 4 and may not have 100% compatibility and functionality as expected by the enterprise application.
- Both are limited in size.
I need a 100% AD comp[atable directory service, what options do I have?
Use AWS Microsoft Active Directory service.
I wnat to create SSO with SimpleAD and AWS console, is this possible?
Yes
I wnat to create SSO with SimpleAD and AWS console, is this possible?
Yes
I wnat to create SSO with AWS Microsoft Active Directory and AWS console, is this possible?
Yes
I require an AD trust with existing AD, can I use Simple AD and if not what option do I have?
No, SimpleAD dose does not support trust relationships, but you can use AWD Mcrosoft AD.
I have an on-prem AD and I to connect AWS workspaces with it, what options do I have?
Use AWS AD Connector
What does AD connector do?
Its is provisioned in your VPC so you cna connect to it from both AWS services like IAM for SSO and also form EC2 instances wanting to join a domain. It extends the existing AD on-prem by connecting with the on-prem AD.
What does AWS cogneto provide?
Mobile directory services and federation with Facebook and Google.
What does AWS cogneto provide?
Web & Mobile directory services and federation with Facebook and Google.
Is SimpleAD, Microsoft AD and AD Connector all highly available?
Yes, they are all put in multiple AZs.
I need a 100% compatible Active Directory in AWS, that is my best option?
We would not use Simple AD as it is not 100% compatible, we would use Microsoft Directory Service form AWS. This is a managed service from AWS and gives you a 100% compatible Microsoft AD.
I have an AWS Microsoft Active Directory service deployed in my AWS account, I need to use web federation, what is my best option?
You can use when federation with AWS Microsoft AD
I am considering using AWS Microsoft Active Directory for a large scale AWS deployment, is AWS Microsoft AD a suitable option?
No, not for large scale and complex environments and is more suited to small to low-mid customers for small scale deployments.
I have been asked to implement an AWS Simple AD (LDAP), I have also been asked to make sure the deployment is highly available, what is my best option?
Use AWS Simple AD.
For Simple AD how many users can it support?
500 (small ) 5K (Large)
Can I use SimpleAD to create a trust relationship with an on-prem server?
No, this is not supported and you may be better to use AWS Microsoft AD service from AWS.
When Microsoft Active Directory is deployed, is it deployed as highly available?
Yes, there are two AZs and a primary and secondary AD.
I have an on-prem AD and I am extending my data centre into the AWS cloud, I wnat to create an AD in the AWS and set up a trust relationship between my on-prem AD and my new AWS AD I will be deploying. I have two options for ADS in AWS, Simple AD and Microsoft Active Directory, which is the most suitable option?
Microsoft AD as Simple AD does not allow trust relationships.
I have an on-prem AD and I wnat to use it as a directory service for the VM’s in my VPC, how cna I set this up?
Use AWS AD Connector, it will enable you to send the AD traffic from my VPC to the on-prem AD over VPN or DirectConnect.
