Cloud Cadet #4: AD and LDAP services within AWS

Welcome to episode four of Cloud Cadet. Today we are joined by instructor Stephen, and our co-hosts Anthony and Christophe. Stephen will be showing us some content for his course Active Directory and AWS.

This course stems from the need many enterprises have for Active Directory, which provides centralized identity and credential management. Active Directory is usually hosted on-premises, but many organizations need to extend their AD environment into AWS. Today, you will discover the what, why, and how of Active Directory on AWS.

Topics include:

  • Setting up and managing services for AD with AWS solutions
  • Gaining fine-grained control over who is permitted to log on
  • Spinning up VPN instances
  • Looking inside a site-to-site VPN
  • Binding Windows and Linux servers to the domain

Stephen first shows us an existing environment he has built from two separate AWS accounts, each with its own VPC. In each, he has spun up a VPN instance. For details on how to perform these steps, please see the course itself.

He then uses an existing AD domain controller located in one of these environments and shows us how to bind a Linux server to the AD environment using an AD credential. The two AWS accounts are tied together with an openswan site-to-site VPN.

He walks us through a variety of options for connecting these accounts and on-premises networks. The point is that whether the connection is between AWS accounts, between regions, or between an AWS account and on-premises servers, a site-to-site VPN can be set up for it. Stephen also explains how to work across VPCs in different regions.

Stephen moves on to bind a Linux instance into his AD domain. This is done on an EC2 instance in AWS, where he uses an AD user as the Linux login credential rather than a local account on the instance. A step-by-step narration of this is also provided within the course.

Stephen then jumps into a Linux instance that first has to be bound to the domain. He joins this particular instance to the domain using the realm command.

We also learn that logon to the server can be restricted to specific AD users, or to specific AD groups, rather than allowing every account in the domain to log on.
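The join-and-restrict procedure above, as an added example that is not code from the episode or the course. It uses realmd/SSSD as the page describes, then checks the resulting sssd.conf, because name resolution succeeding for a domain user (getent) does not by itself prove that logon is restricted. The domain corp.example.com, the join account adjoin, the group LinuxAdmins and the path to sssd.conf are assumptions (hypothetical values); the sample config the check function is exercised against is constructed for this example.

```shell
#!/usr/bin/env bash
# Added example (not from the Cloud Cadet episode): join an EC2 Linux instance to
# an AD domain with realmd/SSSD and allow logons only for one AD group.
# Hypothetical values: domain corp.example.com, join account "adjoin", AD group
# "LinuxAdmins". Run with --apply as root on the instance; without it, only
# the functions are defined so the check can be used on any sssd.conf.
set -euo pipefail

DOMAIN="${DOMAIN:-corp.example.com}"
JOIN_USER="${JOIN_USER:-adjoin}"
ALLOW_GROUP="${ALLOW_GROUP:-LinuxAdmins}"
SSSD_CONF="${SSSD_CONF:-/etc/sssd/sssd.conf}"

# sssd_get <conf> <section> <key>: print the trimmed value of key inside
# [section], or nothing if absent (INI-style parse, first match wins).
sssd_get() {
  awk -F'=' -v sect="[$2]" -v key="$3" '
    /^[ \t]*\[/ { in_sect = ($0 == sect); next }
    in_sect {
      k = $1; gsub(/[ \t]/, "", k)
      if (k == key) { v = $2; sub(/^[ \t]+/, "", v); sub(/[ \t]+$/, "", v); print v; exit }
    }' "$1"
}

# check_sssd_access <conf> <domain> <group>: return 0 only if the domain
# stanza uses access_provider=simple and lists group@domain in
# simple_allow_groups. An unset access_provider behaves like "permit",
# which lets every AD user log on, so it is treated as a failure.
check_sssd_access() {
  local conf="$1" domain="$2" group="$3" provider groups want
  provider=$(sssd_get "$conf" "domain/$domain" access_provider)
  case "${provider:-permit}" in
    simple) ;;
    *) echo "access_provider=${provider:-<unset>}: every AD user may log on" >&2; return 1 ;;
  esac
  groups=$(sssd_get "$conf" "domain/$domain" simple_allow_groups | tr '[:upper:]' '[:lower:]')
  want=$(printf '%s@%s' "$group" "$domain" | tr '[:upper:]' '[:lower:]')
  case ",$(printf '%s' "$groups" | tr -d ' ')," in
    *",$want,"*) return 0 ;;
  esac
  echo "simple_allow_groups='$groups' does not contain $want" >&2
  return 1
}

# The procedure from the episode: discover, join, then restrict who may log on.
ad_join_and_restrict() {
  realm discover "$DOMAIN"
  realm join --user="$JOIN_USER" "$DOMAIN"   # prompts for the AD password
  realm deny --all                           # start from "nobody may log on"
  realm permit -g "$ALLOW_GROUP@$DOMAIN"      # then allow exactly one AD group
  systemctl restart sssd
  # Resolution of a domain account proves the join worked; it says nothing
  # about logon permission, which is why the config check follows.
  getent passwd "$JOIN_USER@$DOMAIN"
  check_sssd_access "$SSSD_CONF" "$DOMAIN" "$ALLOW_GROUP"
}

if [ "${1:-}" = "--apply" ]; then
  ad_join_and_restrict
fi
```

realm permit writes the access_provider and simple_allow_groups lines into the domain stanza of sssd.conf itself; the check function exists so the same policy can be verified later (for example from a configuration audit), when someone may have switched the provider back to permit or removed the group.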

This is where some of the power of managing Linux servers with an existing enterprise identity solution such as AD comes in.

Thanks for tuning in for this week’s edition of Cloud Cadet. Be sure to stay tuned for all-new episodes coming soon.

One thought on “Cloud Cadet #4: AD and LDAP services within AWS”

  1. I’m not sure where you are getting your information, but good
    topic. I must spend a while finding out much more or
    working out more. Thank you for the magnificent info; I was on the lookout for this information for my mission.
