Active Directory allows developers to integrate Amazon WorkSpaces instances with a local data center for a more...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
consistent end-user experience. And integrating on-premises and cloud environments gives WorkSpaces instances added flexibility.
A Microsoft Active Directory (Microsoft AD) connection enables end users to access both WorkSpaces and company resources via existing credentials. This single sign-on creates a more seamless end-user experience and often cuts down on IT admin support for lost or forgotten passwords. Integration with Amazon Virtual Private Cloud or AWS Direct Connect is also secured.
There are two ways to establish a Microsoft AD connection. Administrators can set up an inter-forest trust relationship with the AWS Directory Service for the AD domain controller. This approach works best when an on-premises environment uses multiple AD domains. It requires only a single-trust relationship between on-premises AD and the Microsoft AD domain controller. Administrators can then assign Amazon WorkSpaces to end users in any on-premises domain. Microsoft AD automatically identifies and directs authentication requests to the proper domain controller.
Administrators also can use Active Directory Connector to proxy AD authentication requests. This requires a separate AD Connector for each on-premises domain where users receive WorkSpaces instances. But the process is often easier when the on-premises environment uses only one domain, which is preferable for testing.
Connecting Amazon WorkSpaces to on-premises domains enables end users to recover lost passwords using the same protocol or process as they would in traditional on-premises scenarios. For example, if password recovery or resets are handled through the help desk, integrated WorkSpaces users will also direct users to those same resources. AWS documentation provides more information about establishing, maintaining and troubleshooting a Microsoft AD connection with WorkSpaces.
Amazon WorkSpaces also connects with different applications that run in Elastic Compute Cloud (EC2) instances in either conventional or Amazon Virtual Private Cloud environments. Administrators need to configure the proper routing tables, security groups and network access control lists to access certain EC2 instances to facilitate a Microsoft AD connection.
Learn how VDI works on AWS
What other cloud directory services does AWS support?
Know these five Amazon WorkSpaces management tasks
Dig Deeper on Amazon WorkSpaces and other DaaS options
Related Q&A from Stephen J. Bigelow
VMware VIC security features, like isolation and user authentication, can improve enterprise container security so long as proper configuration and ...continue reading
VSphere Integrated Containers uses a combination of VIC engine, Project Harbor, Project Admiral and Photon OS to handle container provisioning, ...continue reading
OpenStack scheduled numerous hypervisors for deprecation in 2014's OpenStack Icehouse, but no others are scheduled for future releases, up to and ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.