Sunday, November 4, 2012

Microsoft Active Directory with AWS


Microsoft Active Directory (or any compliant LDAP server) can be used for application-level authorization and authentication.
There are three options you can use for this:
1. Run Microsoft Active Directory on AWS/EC2. This option means that if you are running Active Directory in your on-premise location, you will be running a separate MS Active Directory instance.
2. All authentication and authorization is handled by Microsoft AD on premise. This means all calls to MS AD will have to go over the internet or an AWS DirectConnect connection. Be aware you will take a performance hit here.
3. Set up MS AD on AWS/EC2 and sync it with your on-premise MS AD installation. The syncing can be done using Microsoft’s Active Directory Federation Services (AD FS) technology. More information can be found here: http://media.amazonwebservices.com/EC2_ADFS_howto_2.0.pdf.

When using an on-premise MS AD or using MS Active Directory Federation Services, you will need to set up a secure connection using AWS VPC.
