© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved.
AWS re:INVENT
Deep Dive on Active Directory—From One to Many AWS Regions
Lou De La Torre, Solutions Architect
Vinod Madabushi, Solutions Architect
November 27, 2017
WIN302
In This Session
• The focus of this session is Active Directory Domain Services (AD DS) on Amazon Elastic Compute Cloud (Amazon EC2)
• Importance of AD DS in the cloud
• Considerations for deploying AD DS on Amazon Web Services (AWS)
• Deploying AD DS on AWS—from one to many regions
• Summary
• Resources
Active Directory
What Is Active Directory?
Active Directory
• Domain Services
• Federation Services
• Certificate Services
• Rights Management Services
• Lightweight Directory Services
What Is Active Directory Domain Services?
Active Directory Domain Services
• It is both the directory information source and the service that makes the information available and useable
• Essentially, it is a phonebook
Why AD DS Is Important
Active Directory Domain Services
• Users
• Servers
• Clients
• Network devices
• Applications
Why AD DS on AWS
• Enterprise adoption of AWS is growing
• Cloud is the new normal
• Enterprises have Microsoft applications that need AD DS
• AD DS on AWS provides low latency to applications
Partners can help Design & Migrate your AD
• We have a large ecosystem of partners - Consulting & Technology Partners
• From large partners like Cognizant to regional partners like 2nd Watch
• Different levels of partners, including Competency
• For more info: https://aws.amazon.com/partners/consulting
Deployment Scenarios in AWS
Deployment Scenarios
• Global deployments
• Disaster recovery
• Enterprise applications
• Hybrid deployments
Considerations for Deploying AD DS on AWS
General Design Considerations
• Customer responsible for patching, monitoring, backups, and high availability
• Place domain controllers in a minimum of two Availability Zones to provide high availability
• Treat Availability Zones as you would distinct data centers
Security Considerations
• Active Directory best practices still apply in AWS
• Control access to your domain controller instances
• Domain controllers should not be internet-facing
• Place domain controllers and other non-internet facing servers in private subnets
• Use NACLs and security groups to control what ports are open in Active Directory
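An added example, not part of the original deck: a Python audit of the controls on this slide, run over data shaped like the output of `aws ec2 describe-security-groups` and `aws ec2 describe-route-tables`. The sample group, route tables and trusted range are constructed, and the AD DS port table is the commonly documented set, supplied as an assumption because the slides do not enumerate ports.

```python
import ipaddress

# Commonly documented AD DS listener ports. Assumption: the slides do not
# enumerate them, so adjust this table to your own baseline.
AD_PORTS = {
    "tcp": [(53, 53), (88, 88), (135, 135), (389, 389), (445, 445), (464, 464),
            (636, 636), (3268, 3269), (9389, 9389), (49152, 65535)],
    "udp": [(53, 53), (88, 88), (123, 123), (389, 389), (464, 464)],
}
ANYWHERE = {"0.0.0.0/0", "::/0"}


def _is_ad_range(proto, lo, hi):
    """True when the whole port range lo..hi sits inside one AD DS range."""
    if lo is None or hi is None:
        return False
    return any(a <= lo and hi <= b for a, b in AD_PORTS.get(proto, []))


def _is_trusted(cidr, trusted):
    """True when cidr is contained in one of the trusted networks."""
    net = ipaddress.ip_network(cidr)
    return any(net.version == t.version and net.subnet_of(t) for t in trusted)


def audit_security_group(group, trusted_cidrs):
    """Return findings for one security group attached to a domain controller.

    Only CIDR sources are checked; rules that reference other security
    groups (UserIdGroupPairs) are not evaluated here.
    """
    trusted = [ipaddress.ip_network(c) for c in trusted_cidrs]
    findings = []
    for perm in group.get("IpPermissions", []):
        proto = perm.get("IpProtocol")
        lo, hi = perm.get("FromPort"), perm.get("ToPort")
        label = "all traffic" if proto == "-1" else f"{proto}/{lo}-{hi}"
        sources = [r["CidrIp"] for r in perm.get("IpRanges", [])]
        sources += [r["CidrIpv6"] for r in perm.get("Ipv6Ranges", [])]
        for cidr in sources:
            if cidr in ANYWHERE:
                findings.append(f"{label} open to the internet ({cidr})")
            elif not _is_trusted(cidr, trusted):
                findings.append(f"{label} allowed from untrusted range {cidr}")
        if proto == "-1" or not _is_ad_range(proto, lo, hi):
            findings.append(f"{label} is not limited to AD DS ports")
    return findings


def subnet_is_private(route_table):
    """A subnet is private when its route table has no internet gateway route."""
    return not any((r.get("GatewayId") or "").startswith("igw-")
                   for r in route_table.get("Routes", []))


# Constructed sample data (not taken from the deck).
TRUSTED = ["10.0.0.0/8"]
SAMPLE_GROUP = {
    "GroupId": "sg-EXAMPLE",
    "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 389, "ToPort": 389,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}]},
        {"IpProtocol": "tcp", "FromPort": 3389, "ToPort": 3389,
         "IpRanges": [{"CidrIp": "0.0.0.0/0"}]},
        {"IpProtocol": "udp", "FromPort": 53, "ToPort": 53,
         "IpRanges": [{"CidrIp": "192.168.0.0/24"}]},
    ],
}
PRIVATE_RT = {"Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
    {"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-EXAMPLE"},
]}
PUBLIC_RT = {"Routes": [
    {"DestinationCidrBlock": "10.0.0.0/16", "GatewayId": "local"},
    {"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-EXAMPLE"},
]}

if __name__ == "__main__":
    for finding in audit_security_group(SAMPLE_GROUP, TRUSTED):
        print("FINDING:", finding)
    print("DC subnet private:", subnet_is_private(PRIVATE_RT))
```

Ports outside the table, such as RDP from a Remote Desktop Gateway, are reported for review rather than treated as violations in themselves.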
Networking Considerations
• Replication topology
• Understand your connectivity options
• Needs for hybrid connectivity
• AWS Direct Connect/VPN/disconnected
• When peering multiple VPCs, it’s sufficient to deploy DCs in a single VPC. Application servers in other VPCs can access the AD over VPC peering.
IP Address and DNS Considerations
• Reserved private IP addresses are assigned
• It’s common practice to define separate subnets just for AD or use common services subnets to deploy DCs
• Configure network properties with the name and IP address of the server that hosts the DC and DNS server roles
• Use a DHCP options set to configure instances in the VPC to point to the specified domain and DNS servers to resolve their domain names
Multi-Region DC Considerations
• Deploy domain controllers in both regions using multiple Availability Zones
• It’s recommended to connect both regions to your data center to reduce AD replication latency
• Use IPSec VPN tunnels between VPCs in different regions or transit VPCs
• Consider using AWS or your data center as the backbone
AD DS Configuration Considerations
• Deploy a separate forest without any trusts
• Connectivity between regions should be established for AD replication
• Deploy a new forest with federation
• Deploy a new forest with Windows Server Active Directory forest trust for Kerberos
• Extend corp forest by deploying a replica DC
• Extend corp forest by deploying a new child domain or domain tree
Global Catalog Considerations
• For single-domain forest, make all DCs GCs
• For multi-domain forest, make all DCs GCs with the following exceptions
• Limited bandwidth
• Infrastructure operations master role incompatibility
DC Installation Considerations
• Deploy Amazon EC2 for Windows and install AD DS using Windows PowerShell or DcPromo
• Use VM Import to import a hardened on-premises image
• Use Quick Start for automated deployments
• http://docs.aws.amazon.com/quickstart/latest/active-directory-ds/welcome.html
AD Backup and Recovery Considerations
• Do not use snapshots for AD DS Backups
• Not crash consistent
• VM ID not supported in Amazon EC2
• Use Windows System State backups
• Create dedicated EBS volume for system state backups
• Snapshot system state backups to Amazon S3/Amazon Glacier for long-term retention
Office 365 Integration Considerations
• Active Directory on Amazon EC2
• AD FS
• Active Directory Sync
• Active Directory service account
• Microsoft Azure AD Connect
[Diagram: Office 365, Azure AD, AD on EC2, VPC, ADFS, ADSync]
AD DS on AWS Deployment Options
Single Region/Single VPC
[Diagram: AWS Region, VPC, Availability Zone A, Availability Zone B, private subnets, domain controller(s), virtual private gateway, customer network]
Single Region/Multiple VPCs
[Diagram: AWS Region, VPCs with VPC peering, Availability Zone A, Availability Zone B, private subnets, domain controller(s), optional DC(s), VPGs, customer network]
Multiple Regions/Single VPC
[Diagram: AWS Region 1 and AWS Region 2, VPCs, Availability Zone A, Availability Zone B, private subnets, DC(s), VPGs, customer network, inter-region connectivity]
Global Reference Architecture
[Diagram: branch, NA HQ, EU HQ, provider MPLS network, Dallas DX, Seattle DX, us-west-2, us-east-1, eu-west-2]
Demo
DEMO – MULTI REGION Active Directory
[Diagram: US-EAST-2 (Ohio) VPC with DC1 and DC2, EU-WEST-2 (London) VPC with DC3 and DC4; labels in each VPC: private subnets 1 and 2, public subnets 1 and 2, VPN device, RDG, NAT gateway, IGW; inter-region VPN]
Summary
• AD DS in AWS is required to support Windows workloads
• AD DS best practices still apply in the cloud
• Leverage AWS features and capabilities to more efficiently support your AD DS deployments in AWS
• AWS Solutions and Quick Starts to quickly deploy a global AD DS environment
• AWS is the best platform to host AD DS
References
AWS Solutions Transit VPC
https://aws.amazon.com/answers/networking/aws-global-transit-network/
AWS AD DS Quick Start
https://aws.amazon.com/quickstart/architecture/active-directory-ds/
Related Sessions
• WIN403 – AWS Directory Service for Microsoft Active Directory Deep Dive
• WIN304 – How to Bring Microsoft Apps to AWS to unlock Your budget
• WIN306 – Design, Deploy, and Optimize Microsoft SQL Server on AWS
• WIN309 – How to Optimize AWS Architectures for SharePoint Deployments
• WIN314 – Strategies for Migrating Microsoft SQL Databases to AWS
Thank you!

Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

More from Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

WIN302-Deep Dive on Active Directory From One to Many AWS Regions.pdf

  • 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. AWS re:INVENT Deep Dive on Active Directory—From One to Many AWS Regions. Lou De La Torre, Solutions Architect; Vinod Madabushi, Solutions Architect. November 27, 2017. WIN302
  • 2. In This Session • The focus of this session is Active Directory Domain Services (AD DS) on Amazon Elastic Compute Cloud (Amazon EC2) • Importance of AD DS in the cloud • Considerations for deploying AD DS on Amazon Web Services (AWS) • Deploying AD DS on AWS—from one to many regions • Summary • Resources
  • 3. Active Directory
  • 4. What Is Active Directory? Active Directory • Domain Services • Federation Services • Certificate Services • Rights Management Services • Lightweight Directory Services
  • 5. What Is Active Directory Domain Services? Active Directory Domain Services • It is both the directory information source and the service that makes the information available and usable • Essentially, it is a phonebook
  • 6. Why AD DS Is Important. Active Directory Domain Services • Users • Servers • Clients • Network devices • Applications
  • 7. Why AD DS on AWS • Enterprise adoption of AWS is growing • Cloud is the new normal • Enterprises have Microsoft applications that need AD DS • AD DS on AWS provides low latency to applications
  • 8. Partners can help Design & Migrate your AD • We have a large ecosystem of partners: Consulting & Technology Partners • From large partners like Cognizant to regional partners like 2nd Watch • Different levels of partners, including Competency • For more info: https://aws.amazon.com/partners/consulting
  • 9. Deployment Scenarios in AWS. Deployment Scenarios • Global deployments • Disaster recovery • Enterprise applications • Hybrid deployments
  • 10. Considerations for Deploying AD DS on AWS
  • 11. General Design Considerations • Customer responsible for patching, monitoring, backups, and high availability • Place domain controllers in a minimum of two Availability Zones to provide high availability • Treat Availability Zones as you would distinct data centers
  • 12. Security Considerations • Active Directory best practices still apply in AWS • Control access to your domain controller instances • Domain controllers should not be internet-facing • Place domain controllers and other non-internet-facing servers in private subnets • Use NACLs and security groups to control what ports are open in Active Directory
  • 13. Networking Considerations • Replication topology • Understand your connectivity options • Needs for hybrid connectivity • AWS Direct Connect/VPN/disconnected • When peering multiple VPCs, it’s sufficient to deploy DCs in a single VPC. Application servers in other VPCs can access the AD over VPC peering.
  • 14. IP Address and DNS Considerations • Reserved private IP addresses are assigned • It’s common practice to define separate subnets just for AD or use common services subnets to deploy DCs • Configure network properties with name and IP address of server that hosts the DC and DNS server roles • Use DHCP options set to configure instances in the VPC to point to the specified domain and DNS servers to resolve their domain names
  • 15. Multi-Region DC Considerations • Deploy domain controllers in both regions using multiple Availability Zones • It’s recommended to connect both regions to your data center to reduce AD replication latency • Use IPSec VPN tunnels between VPCs in different regions or transit VPCs • Consider using AWS or your data center as the backbone
  • 16. AD DS Configuration Considerations • Deploy a separate forest without any trusts • Connectivity between regions should be established for AD replication • Deploy a new forest with federation • Deploy a new forest with Windows Server Active Directory forest trust for Kerberos • Extend corp forest by deploying a replica DC • Extend corp forest by deploying a new child domain or domain tree
  • 17. Global Catalog Considerations • For single-domain forest, make all DCs GCs • For multi-domain forest, make all DCs GCs with the following exceptions • Limited bandwidth • Infrastructure operations master role incompatibility
  • 18. DC Installation Considerations • Deploy Amazon EC2 for Windows and install AD DS using Windows PowerShell or DcPromo • Use VM Import to import a hardened on-premises image • Use Quick Start for automated deployments • http://docs.aws.amazon.com/quickstart/latest/active-directory-ds/welcome.html
  • 19. AD Backup and Recovery Considerations • Do not use snapshots for AD DS backups • Not crash consistent • VM ID not supported in Amazon EC2 • Use Windows System State backups • Create dedicated EBS volume for system state backups • Snapshot system state backups to Amazon S3/Amazon Glacier for long-term retention
  • 20. Office 365 Integration Considerations • Active Directory on Amazon EC2 • AD FS • Active Directory Sync • Active Directory service account • Microsoft Azure AD Connect (diagram labels: Office 365, Azure AD, AD on EC2, VPC, ADFS, ADSync)
  • 21. AD DS on AWS Deployment Options
  • 22. Single Region/Single VPC (diagram labels: AWS Region, VPC, Availability Zone A, Availability Zone B, private subnets, Domain Controller(s), Virtual Private Gateway, customer network)
  • 23. Single Region/Multiple VPCs (diagram labels: AWS Region, VPC, Availability Zone A, Availability Zone B, private subnets, Domain Controller(s), VPG, customer network, VPC Peering, second VPC with VPG, Availability Zones and OPTIONAL DC(s))
  • 24. Multiple Regions/Single VPC (diagram labels: AWS Region 1 and AWS Region 2, each with a VPC, Availability Zone A, Availability Zone B, private subnets, DC(s) and a VPG; customer network; Inter Region Connectivity)
  • 25. Global Reference Architecture (diagram labels: Branch, NA HQ, EU HQ, Provider MPLS Network, Dallas DX, Seattle DX, us-west-2, us-east-1, eu-west-2)
  • 26. Demo
  • 27. DEMO – MULTI REGION Active Directory (diagram labels: US-EAST-2 (OHIO) VPC with Public subnet 1, Public subnet 2, Private subnet 1, Private subnet 2, DC1, DC2, VPN Device, RDG, NAT Gateway, IGW; Inter-Region VPN; EU-WEST-2 (LONDON) VPC with Public subnet 1, Public subnet 2, Private subnet 1, Private subnet 2, DC3, DC4, VPN Device, RDG, NAT Gateway, IGW)
  • 28. Summary • AD DS in AWS is required to support Windows workloads • AD DS best practices still apply in the cloud • Leverage AWS features and capabilities to more efficiently support your AD DS deployments in AWS • AWS Solutions and Quick Starts to quickly deploy a global AD DS environment • AWS is the best platform to host AD DS
  • 29. References • AWS Solutions Transit VPC: https://aws.amazon.com/answers/networking/aws-global-transit-network/ • AWS AD DS Quick Start: https://aws.amazon.com/quickstart/architecture/active-directory-ds/
  • 30. Related Sessions • WIN403 – AWS Directory Service for Microsoft Active Directory Deep Dive • WIN304 – How to Bring Microsoft Apps to AWS to unlock Your budget • WIN306 – Design, Deploy, and Optimize Microsoft SQL Server on AWS • WIN309 – How to Optimize AWS Architectures for SharePoint Deployments • WIN314 – Strategies for Migrating Microsoft SQL Databases to AWS
  • 31. Thank you!
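
The placement rules from the General Design Considerations and Security Considerations slides (domain controllers in at least two Availability Zones, in private subnets, not internet-facing, with security groups limiting what is open), written as an audit check. This is an added example, not part of the original deck. The input is constructed sample data using field names from the EC2 DescribeInstances, DescribeRouteTables and DescribeSecurityGroups responses; all IDs are made up, and subnets that rely on the VPC's main route table are assumed not to occur.

```python
# Constructed sample data (all IDs made up), trimmed to the fields used below.
INSTANCES = [
    {"InstanceId": "i-dc1", "SubnetId": "subnet-priv-a",
     "Placement": {"AvailabilityZone": "us-east-2a"}, "SecurityGroups": [{"GroupId": "sg-dc"}]},
    {"InstanceId": "i-dc2", "SubnetId": "subnet-pub-a",
     "Placement": {"AvailabilityZone": "us-east-2a"}, "SecurityGroups": [{"GroupId": "sg-open"}]},
]
ROUTE_TABLES = [
    {"Associations": [{"SubnetId": "subnet-priv-a"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "NatGatewayId": "nat-1"}]},
    {"Associations": [{"SubnetId": "subnet-pub-a"}],
     "Routes": [{"DestinationCidrBlock": "0.0.0.0/0", "GatewayId": "igw-1"}]},
]
SECURITY_GROUPS = [
    {"GroupId": "sg-dc", "IpPermissions": [
        {"IpProtocol": "tcp", "FromPort": 389, "ToPort": 389,
         "IpRanges": [{"CidrIp": "10.0.0.0/16"}]}]},
    {"GroupId": "sg-open", "IpPermissions": [
        {"IpProtocol": "-1", "IpRanges": [{"CidrIp": "0.0.0.0/0"}]}]},
]

def public_subnets(route_tables):
    """Subnets explicitly associated with a table that routes to an internet gateway.
    Assumption: subnets relying on the VPC's main route table are not modelled."""
    public = set()
    for table in route_tables:
        if any(r.get("GatewayId", "").startswith("igw-") for r in table["Routes"]):
            public.update(a["SubnetId"] for a in table["Associations"] if "SubnetId" in a)
    return public

def world_open_groups(groups):
    """Security groups with an ingress rule open to 0.0.0.0/0 or ::/0."""
    return {g["GroupId"] for g in groups for p in g["IpPermissions"]
            if any(r["CidrIp"] == "0.0.0.0/0" for r in p.get("IpRanges", []))
            or any(r["CidrIpv6"] == "::/0" for r in p.get("Ipv6Ranges", []))}

def audit(instances, route_tables, groups):
    """Return sorted findings for the given domain-controller instances."""
    findings = []
    zones = {i["Placement"]["AvailabilityZone"] for i in instances}
    if len(zones) < 2:
        findings.append(f"domain controllers span {len(zones)} Availability Zone(s), need 2+")
    public, open_sgs = public_subnets(route_tables), world_open_groups(groups)
    for inst in instances:
        if inst["SubnetId"] in public:
            findings.append(f"{inst['InstanceId']}: in public subnet {inst['SubnetId']}")
        for sg in inst["SecurityGroups"]:
            if sg["GroupId"] in open_sgs:
                findings.append(f"{inst['InstanceId']}: {sg['GroupId']} open to any source")
    return sorted(findings)

if __name__ == "__main__":
    print("\n".join(audit(INSTANCES, ROUTE_TABLES, SECURITY_GROUPS)))
```

Against a live account, the same three structures can be filled from the corresponding EC2 describe calls, filtered to the domain-controller instances.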