SlideShare une entreprise Scribd logo

Using Microsoft Active Directory across On-premises and Cloud Workloads

Télécharger en tant que PPTX, PDF
Amazon Web Services
Amazon Web Services

Learning Objectives: - Learn how to setup SSO for your .NET applications, Amazon QuickSight, and AWS Enterprise IT Applications such as Amazon Workspaces. - Learn how to manage your AWS Cloud Windows workloads such as Amazon EC2 for Windows Server and Amazon RDS SQL Server using GPOs. - Learn how to configure trusts between your on-premises and AWS Cloud Microsoft Active Directory domains securely. Managing your AWS Cloud Windows workloads using Microsoft Active Directory doesn’t require complex networking or synching your identity data across multiple systems. AWS Directory Service for Microsoft Active Directory offers you actual Microsoft Active Directory as a managed service. Attend this tech talk to become an expert at managing single sign-on (SSO) and Group Policy objects (GPOs) for your AWS Cloud Windows workloads. You will also see a demonstration on how to configure trusts between your on-premises and AWS Cloud Microsoft Active Directory domains securely.

Technologie
1  sur  34
© 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Ron Cully, Sr. Product Manager, AWS Directory Service Julien Lépine, Principal Solutions Architect, AWS June 14th, 2017 AWS Directory Service for Microsoft Active Directory
Quick word on logistics Content of today’s webinar • Presentation: 30 minutes • Q&A: 15 minutes Please ask questions in the questions pane Slides are available for download after the webinar
What to expect from this webinar • Examples of how AWS Cloud workloads use Active Directory • Options for integrating your AWS Cloud workloads with Active Directory • An introduction to AWS Directory Service for Microsoft Active Directory (AWS Microsoft AD) • Overview of identity federation using AWS Microsoft AD • A deep-dive on setting up trusts to your on-premises Active Directory domain securely • Guidance on how to administer your AWS managed domain
Why AWS Cloud Windows workloads need Microsoft Active Directory (AD) • Enable single sign-on (SSO) to applications running on the AWS Cloud and AWS services, such as Amazon Workspaces • Manage access to your AWS Cloud resources using AD groups • Enforce policies for Amazon EC2 Windows Server instances and Amazon RDS for SQL Server via AD Group Policy objects
Options for using Active Directory in the AWS Cloud • Use AWS Directory Service for Microsoft Active Directory (AWS Microsoft AD) • Deploy and manage your own Active Directory on Amazon EC2 • Domain join your AWS Cloud resources to your on- premises Active Directory domain (not covered in this webinar)
Poll Question How do you use Active Directory with your AWS Cloud workloads today? a) AWS Directory Service for Microsoft Active Directory b) Active Directory running on Amazon EC2 Windows Server c) Domain join my workloads to my on-premises Active Directory d) Other (Simple AD, AD Connector, etc.) e) No solution – this is a blocker for cloud adoption
Active Directory best practices on AWS Availability Zone B Private subnet DC2 Availability Zone A Private subnet DC1 company.local RELIABILITY COMPLIANCEGLOBAL REACH SECURITY Amazon VPC in an AWS Region
Hybrid integrated enterprise Availability Zone B Private subnet DC4 Corporate Network London DC1 Paris DC2 Cost 50 Availability Zone A Private subnet DC3 company.local company.local VPN AWS Direct Connect Amazon VPC in an AWS Region
Hybrid with resource forest Availability Zone B Private subnet DC4 Corporate Network London DC1 Paris DC2Availability Zone A Private subnet DC3 company.local company.cloud VPN AWS Direct Connect Amazon VPC in an AWS Region
Hybrid with resource forest Availability Zone B Private subnet Corporate Network London DC1 Paris DC2Availability Zone A Private subnet company.local company.cloud VPN AWS Direct Connect Amazon VPC in an AWS Region AWS Directory Service
AWS Directory Service for Microsoft Active Directory Highly available and managed directory Built on actual Microsoft Active Directory running on Windows Server 2012 R2 Extends your on- premises domain to the AWS Cloud without synching identity data Managed Microsoft Active Directory running in the AWS Cloud
Poll Question Which benefit of AWS Directory Service for Microsoft Active Directory is most important to you? a) Highly available managed infrastructure b) Built on actual Microsoft Active Directory c) Does not require you to sync your identities to the AWS Cloud
Create a trust CONTROL COMPLIANCE
Identity federation Active Directory Users Enterprise Applications Corporate Systems AWS Identity and Access Management (IAM) IAM roles Amazon EC2 Amazon DynamoDB Amazon S3
Federation with AWS Microsoft AD
New: advanced security with MFA
Advanced applications support Microsoft SharePoint Microsoft SQL Server Always On Availability Groups Microsoft Dynamics
Forest Trusts Time tested, secure model The trusting forest has no admin control over the trusted forest Trusted users have cloud resource access, only if entitled by trusting admins (you control both sides) Resources in the cloud have no access to on-premises resources unless on-premises trusts the cloud AND on-premises admins grant permissions to user identities in the cloud AD AD On-premises network VPC Trust AWS Managed Microsoft AD DC Windows AD DC Access Security group (access entitlements here) Security group Trusting Trusted Cloud On-premises
No trust vs. 1-way vs. 2-way trusts Do you need users from one forest to access resources in another forest? • If no, use no trust Can you use only a 1-way trust? • If yes, only use 1-way • RDS for SQL Server with on-premises users requires at least 1-way Is a 2-way trust required? • If yes, use 2-way trust • WorkSpaces, QuickSight Enterprise Edition, and Chime use 2-way trusts • On-premises to AWS Managed Microsoft AD trust used only to read users/groups to provision them into the application Always Secure Your Trust
Securing trusts Leave SID filtering on when setting up the on-premises side of a trust Turn on selective authentication on the on-premises side of a trust • https://technet.microsoft.com/en-us/library/cc755321(v=ws.10).aspx#w2k3tr_trust_security_zyzk Only permit AD trust ports to the DCs in the cloud • https://technet.microsoft.com/en-us/library/cc756944(v=ws.10).aspx For cloud-client-to-AD, only permit AD authentication ports to on-premises AD; minimize all other ports from cloud to on-premises (e.g., WorkSpaces login using on-premises credentials) • https://support.microsoft.com/en-us/help/179442/how-to-configure-a-firewall-for-domains-and-trusts Don’t grant groups in the cloud access to on-premises resources
Managing users and computers DOMAIN JOINED INSTANCE FAMILIAR TOOLS
GPO management SSO WORKSPACES AMAZON EC2
Seamless domain join
Amazon EC2 System Manager run command aws ssm send-command --document-name "AWS-JoinDirectoryServiceDomain” --document-description "Join your instances to an AWS Directory Service domain.” --instance-ids "i-0123456789abcdef0” --parameters '{"directoryId":["d-0123456789"], "dnsIpAddresses":["172.31.99.48","172.31.174.16"], "directoryName":["dub.lepine.local"]}’ --timeout-seconds 600 --region eu-west-1
Amazon RDS for SQL Server domain integrated
Auditing your AWS Microsoft AD logs SECURITY DNS
Auditing using AWS CloudTrail FULL VISIBILITY AUDITABILITY
Other AWS Microsoft AD features • Automated Daily Snapshots • Extensible Active Directory Schema • Fine grained password policies • Amazon SNS-based monitoring and alerting • Amazon Enterprise Applications management
Network security
Network auditing
More interactivity
What we covered • Best practices for using Microsoft Active Directory with your AWS Cloud workloads • Extending your on-premises Active Directory to the AWS Cloud • Managing your AWS Microsoft AD domain • Auditing and securing your AWS Cloud environment
How to get started 30-day limited free trial available to try AWS Microsoft AD at no additional charge! Visit our website to learn more aws.amazon.com/directoryservice
Q&A

Recommandé

SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...Amazon Web Services
 
Scaling Up to Your First 10 Million Users
Scaling Up to Your First 10 Million UsersScaling Up to Your First 10 Million Users
Scaling Up to Your First 10 Million UsersAmazon Web Services
 
AWS re:Invent 2016: Best Practices for Integrating Active Directory with AWS ...
AWS re:Invent 2016: Best Practices for Integrating Active Directory with AWS ...AWS re:Invent 2016: Best Practices for Integrating Active Directory with AWS ...
AWS re:Invent 2016: Best Practices for Integrating Active Directory with AWS ...Amazon Web Services
 
Protecting Your Data in AWS
Protecting Your Data in AWSProtecting Your Data in AWS
Protecting Your Data in AWSAmazon Web Services
 
Deep Dive on Serverless Stack
Deep Dive on Serverless StackDeep Dive on Serverless Stack
Deep Dive on Serverless StackAmazon Web Services
 
Choosing the Right Cloud Storage for Media and Entertainment Workloads - Apri...
Choosing the Right Cloud Storage for Media and Entertainment Workloads - Apri...Choosing the Right Cloud Storage for Media and Entertainment Workloads - Apri...
Choosing the Right Cloud Storage for Media and Entertainment Workloads - Apri...Amazon Web Services
 
SMC301 The State of Serverless Computing
SMC301 The State of Serverless ComputingSMC301 The State of Serverless Computing
SMC301 The State of Serverless ComputingAmazon Web Services
 
AWS Innovate: Best of Both Worlds: Leveraging Hybrid IT with AWS- Dhruv Singhal
AWS Innovate: Best of Both Worlds: Leveraging Hybrid IT with AWS- Dhruv SinghalAWS Innovate: Best of Both Worlds: Leveraging Hybrid IT with AWS- Dhruv Singhal
AWS Innovate: Best of Both Worlds: Leveraging Hybrid IT with AWS- Dhruv SinghalAmazon Web Services Korea
 

Recommandé

SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...Amazon Web Services
 
Scaling Up to Your First 10 Million Users
Scaling Up to Your First 10 Million UsersScaling Up to Your First 10 Million Users
Scaling Up to Your First 10 Million UsersAmazon Web Services
 
AWS re:Invent 2016: Best Practices for Integrating Active Directory with AWS ...
AWS re:Invent 2016: Best Practices for Integrating Active Directory with AWS ...AWS re:Invent 2016: Best Practices for Integrating Active Directory with AWS ...
AWS re:Invent 2016: Best Practices for Integrating Active Directory with AWS ...Amazon Web Services
 
Protecting Your Data in AWS
Protecting Your Data in AWSProtecting Your Data in AWS
Protecting Your Data in AWSAmazon Web Services
 
Deep Dive on Serverless Stack
Deep Dive on Serverless StackDeep Dive on Serverless Stack
Deep Dive on Serverless StackAmazon Web Services
 
Choosing the Right Cloud Storage for Media and Entertainment Workloads - Apri...
Choosing the Right Cloud Storage for Media and Entertainment Workloads - Apri...Choosing the Right Cloud Storage for Media and Entertainment Workloads - Apri...
Choosing the Right Cloud Storage for Media and Entertainment Workloads - Apri...Amazon Web Services
 
SMC301 The State of Serverless Computing
SMC301 The State of Serverless ComputingSMC301 The State of Serverless Computing
SMC301 The State of Serverless ComputingAmazon Web Services
 
AWS Innovate: Best of Both Worlds: Leveraging Hybrid IT with AWS- Dhruv Singhal
AWS Innovate: Best of Both Worlds: Leveraging Hybrid IT with AWS- Dhruv SinghalAWS Innovate: Best of Both Worlds: Leveraging Hybrid IT with AWS- Dhruv Singhal
AWS Innovate: Best of Both Worlds: Leveraging Hybrid IT with AWS- Dhruv SinghalAmazon Web Services Korea
 
Extending Datacenters to the Cloud: Connectivity Options and Considerations f...
Extending Datacenters to the Cloud: Connectivity Options and Considerations f...Extending Datacenters to the Cloud: Connectivity Options and Considerations f...
Extending Datacenters to the Cloud: Connectivity Options and Considerations f...Amazon Web Services
 
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...Amazon Web Services
 
Getting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudGetting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudAmazon Web Services
 
GitHub Enterprise 及運用 Codedeploy 實現自動化
GitHub Enterprise 及運用 Codedeploy 實現自動化GitHub Enterprise 及運用 Codedeploy 實現自動化
GitHub Enterprise 及運用 Codedeploy 實現自動化Amazon Web Services
 
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...Amazon Web Services
 
ENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWSENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWSAmazon Web Services
 
Getting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudGetting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudAmazon Web Services
 
WKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with Intel
WKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with IntelWKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with Intel
WKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with IntelAmazon Web Services
 
Deep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSDeep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSAmazon Web Services
 
Creating Your Virtual Data Center
Creating Your Virtual Data Center Creating Your Virtual Data Center
Creating Your Virtual Data Center Amazon Web Services
 
ENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWSENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWSAmazon Web Services
 
NEW LAUNCH! Bringing AWS Lambda to the Edge
NEW LAUNCH! Bringing AWS Lambda to the EdgeNEW LAUNCH! Bringing AWS Lambda to the Edge
NEW LAUNCH! Bringing AWS Lambda to the EdgeAmazon Web Services
 
AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...
AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...
AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...Amazon Web Services
 
Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017
Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017
Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017Amazon Web Services
 
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...Amazon Web Services
 
AWS re:Invent 2016: The State of Serverless Computing (SVR311)
AWS re:Invent 2016: The State of Serverless Computing (SVR311)AWS re:Invent 2016: The State of Serverless Computing (SVR311)
AWS re:Invent 2016: The State of Serverless Computing (SVR311)Amazon Web Services
 
SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...
SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...
SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...Amazon Web Services
 
Serverless Workshop
Serverless WorkshopServerless Workshop
Serverless WorkshopAmazon Web Services
 
SRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and more
SRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and moreSRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and more
SRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and moreAmazon Web Services
 
AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...
AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...
AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...Amazon Web Services
 
Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...
Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...
Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...Amazon Web Services
 
Running Microsoft Workloads on AWS
Running Microsoft Workloads on AWSRunning Microsoft Workloads on AWS
Running Microsoft Workloads on AWSAmazon Web Services
 

Contenu connexe

Tendances

Extending Datacenters to the Cloud: Connectivity Options and Considerations f...
Extending Datacenters to the Cloud: Connectivity Options and Considerations f...Extending Datacenters to the Cloud: Connectivity Options and Considerations f...
Extending Datacenters to the Cloud: Connectivity Options and Considerations f...Amazon Web Services
 
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...Amazon Web Services
 
Getting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudGetting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudAmazon Web Services
 
GitHub Enterprise 及運用 Codedeploy 實現自動化
GitHub Enterprise 及運用 Codedeploy 實現自動化GitHub Enterprise 及運用 Codedeploy 實現自動化
GitHub Enterprise 及運用 Codedeploy 實現自動化Amazon Web Services
 
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...Amazon Web Services
 
ENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWSENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWSAmazon Web Services
 
Getting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudGetting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudAmazon Web Services
 
WKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with Intel
WKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with IntelWKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with Intel
WKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with IntelAmazon Web Services
 
Deep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSDeep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSAmazon Web Services
 
Creating Your Virtual Data Center
Creating Your Virtual Data Center Creating Your Virtual Data Center
Creating Your Virtual Data Center Amazon Web Services
 
ENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWSENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWSAmazon Web Services
 
NEW LAUNCH! Bringing AWS Lambda to the Edge
NEW LAUNCH! Bringing AWS Lambda to the EdgeNEW LAUNCH! Bringing AWS Lambda to the Edge
NEW LAUNCH! Bringing AWS Lambda to the EdgeAmazon Web Services
 
AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...
AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...
AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...Amazon Web Services
 
Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017
Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017
Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017Amazon Web Services
 
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...Amazon Web Services
 
AWS re:Invent 2016: The State of Serverless Computing (SVR311)
AWS re:Invent 2016: The State of Serverless Computing (SVR311)AWS re:Invent 2016: The State of Serverless Computing (SVR311)
AWS re:Invent 2016: The State of Serverless Computing (SVR311)Amazon Web Services
 
SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...
SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...
SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...Amazon Web Services
 
SRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and more
SRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and moreSRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and more
SRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and moreAmazon Web Services
 
AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...
AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...
AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...Amazon Web Services
 

Tendances (20)

Extending Datacenters to the Cloud: Connectivity Options and Considerations f...
Extending Datacenters to the Cloud: Connectivity Options and Considerations f...Extending Datacenters to the Cloud: Connectivity Options and Considerations f...
Extending Datacenters to the Cloud: Connectivity Options and Considerations f...
 
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
SRV418 Deep Dive on Accelerating Content, APIs, and Applications with Amazon ...
 
Getting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudGetting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless Cloud
 
GitHub Enterprise 及運用 Codedeploy 實現自動化
GitHub Enterprise 及運用 Codedeploy 實現自動化GitHub Enterprise 及運用 Codedeploy 實現自動化
GitHub Enterprise 及運用 Codedeploy 實現自動化
 
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
SEC306 Using Microsoft Active Directory Across On-Premises and AWS Cloud Wind...
 
ENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWSENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWS
 
Getting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless CloudGetting Started with AWS Lambda and the Serverless Cloud
Getting Started with AWS Lambda and the Serverless Cloud
 
WKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with Intel
WKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with IntelWKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with Intel
WKS420 Create an IoT Gateway & Establish a Data Pipeline to AWS IoT with Intel
 
Deep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECSDeep Dive on Microservices and Amazon ECS
Deep Dive on Microservices and Amazon ECS
 
Creating Your Virtual Data Center
Creating Your Virtual Data Center Creating Your Virtual Data Center
Creating Your Virtual Data Center
 
ENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWSENT308 Best Practices for Microsoft Architectures on AWS
ENT308 Best Practices for Microsoft Architectures on AWS
 
NEW LAUNCH! Bringing AWS Lambda to the Edge
NEW LAUNCH! Bringing AWS Lambda to the EdgeNEW LAUNCH! Bringing AWS Lambda to the Edge
NEW LAUNCH! Bringing AWS Lambda to the Edge
 
AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...
AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...
AWS re:Invent 2016: Effective Application Data Analytics for Modern Applicati...
 
Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017
Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017
Convert and Migrate Your NoSQL Database or Data Warehouse to AWS - July 2017
 
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
Automated Compliance and Governance with AWS Config and AWS CloudTrail - June...
 
AWS re:Invent 2016: The State of Serverless Computing (SVR311)
AWS re:Invent 2016: The State of Serverless Computing (SVR311)AWS re:Invent 2016: The State of Serverless Computing (SVR311)
AWS re:Invent 2016: The State of Serverless Computing (SVR311)
 
SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...
SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...
SRV414 NEW LAUNCH! Introducing AWS CodeStar: The central experience to quickl...
 
Serverless Workshop
Serverless WorkshopServerless Workshop
Serverless Workshop
 
SRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and more
SRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and moreSRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and more
SRV415 NEW LAUNCH! DynamoDB just got faster: Deep Dive on DAX and more
 
AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...
AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...
AWS re:Invent 2016: Store and collaborate on content securely with Amazon Wor...
 

Similaire à Using Microsoft Active Directory across On-premises and Cloud Workloads

Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...
Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...
Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...Amazon Web Services
 
Running Microsoft Workloads on AWS
Running Microsoft Workloads on AWSRunning Microsoft Workloads on AWS
Running Microsoft Workloads on AWSAmazon Web Services
 
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...Amazon Web Services
 
Hybride Cloud Infrastrukturen durch Integration mit Active Directory - AWS Cl...
Hybride Cloud Infrastrukturen durch Integration mit Active Directory - AWS Cl...Hybride Cloud Infrastrukturen durch Integration mit Active Directory - AWS Cl...
Hybride Cloud Infrastrukturen durch Integration mit Active Directory - AWS Cl...AWS Germany
 
Running your Windows Enterprise Workloads on AWS - Technical 201
Running your Windows Enterprise Workloads on AWS - Technical 201Running your Windows Enterprise Workloads on AWS - Technical 201
Running your Windows Enterprise Workloads on AWS - Technical 201Amazon Web Services
 
Best Practices for Active Directory with AWS Workloads
Best Practices for Active Directory with AWS WorkloadsBest Practices for Active Directory with AWS Workloads
Best Practices for Active Directory with AWS WorkloadsAmazon Web Services
 
ENT201 Simplifying Microsoft Architectures with AWS Services
ENT201 Simplifying Microsoft Architectures with AWS ServicesENT201 Simplifying Microsoft Architectures with AWS Services
ENT201 Simplifying Microsoft Architectures with AWS ServicesAmazon Web Services
 
AWS Summit Auckland - Running your Enterprise Windows Workload on AWS
AWS Summit Auckland - Running your Enterprise Windows Workload on AWSAWS Summit Auckland - Running your Enterprise Windows Workload on AWS
AWS Summit Auckland - Running your Enterprise Windows Workload on AWSAmazon Web Services
 
Simplifying Microsoft Architectures with AWS - CMP214 - re:Invent 2017
Simplifying Microsoft Architectures with AWS - CMP214 - re:Invent 2017Simplifying Microsoft Architectures with AWS - CMP214 - re:Invent 2017
Simplifying Microsoft Architectures with AWS - CMP214 - re:Invent 2017Amazon Web Services
 
Migrating Microsoft Applications to AWS like an Expert
Migrating Microsoft Applications to AWS like an ExpertMigrating Microsoft Applications to AWS like an Expert
Migrating Microsoft Applications to AWS like an ExpertAmazon Web Services
 
AWS re:Invent 2016: Simplifying Microsoft Architectures with AWS services (WI...
AWS re:Invent 2016: Simplifying Microsoft Architectures with AWS services (WI...AWS re:Invent 2016: Simplifying Microsoft Architectures with AWS services (WI...
AWS re:Invent 2016: Simplifying Microsoft Architectures with AWS services (WI...Amazon Web Services
 
Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2Amazon Web Services
 
WIN204-Simplifying Microsoft Architectures with AWS Services
WIN204-Simplifying Microsoft Architectures with AWS ServicesWIN204-Simplifying Microsoft Architectures with AWS Services
WIN204-Simplifying Microsoft Architectures with AWS ServicesAmazon Web Services
 
Running Business-Critical Applications on the AWS Cloud
Running Business-Critical Applications on the AWS CloudRunning Business-Critical Applications on the AWS Cloud
Running Business-Critical Applications on the AWS CloudAmazon Web Services
 
WIN401_Migrating Microsoft Applications to AWS
WIN401_Migrating Microsoft Applications to AWSWIN401_Migrating Microsoft Applications to AWS
WIN401_Migrating Microsoft Applications to AWSAmazon Web Services
 
Microsoft on AWS - AWS Summit SG 2017
Microsoft on AWS - AWS Summit SG 2017Microsoft on AWS - AWS Summit SG 2017
Microsoft on AWS - AWS Summit SG 2017Amazon Web Services
 
Best Practices for Deploying Microsoft Workloads on AWS
Best Practices for Deploying Microsoft Workloads on AWSBest Practices for Deploying Microsoft Workloads on AWS
Best Practices for Deploying Microsoft Workloads on AWSAmazon Web Services
 
Best Practices for Integrating Active Directory with AWS Workloads
Best Practices for Integrating Active Directory with AWS WorkloadsBest Practices for Integrating Active Directory with AWS Workloads
Best Practices for Integrating Active Directory with AWS WorkloadsAmazon Web Services
 
Introduction to Microsoft Workloads on AWS - AWS Online Tech Talks
Introduction to Microsoft Workloads on AWS - AWS Online Tech TalksIntroduction to Microsoft Workloads on AWS - AWS Online Tech Talks
Introduction to Microsoft Workloads on AWS - AWS Online Tech TalksAmazon Web Services
 

Similaire à Using Microsoft Active Directory across On-premises and Cloud Workloads (20)

Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...
Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...
Best Practices for Active Directory with AWS Workloads | AWS Public Sector Su...
 
Running Microsoft Workloads on AWS
Running Microsoft Workloads on AWSRunning Microsoft Workloads on AWS
Running Microsoft Workloads on AWS
 
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...
Transitioning to the Next Generation Hybrid Cloud Operating Model- AWS Summit...
 
Hybride Cloud Infrastrukturen durch Integration mit Active Directory - AWS Cl...
Hybride Cloud Infrastrukturen durch Integration mit Active Directory - AWS Cl...Hybride Cloud Infrastrukturen durch Integration mit Active Directory - AWS Cl...
Hybride Cloud Infrastrukturen durch Integration mit Active Directory - AWS Cl...
 
Running your Windows Enterprise Workloads on AWS - Technical 201
Running your Windows Enterprise Workloads on AWS - Technical 201Running your Windows Enterprise Workloads on AWS - Technical 201
Running your Windows Enterprise Workloads on AWS - Technical 201
 
Best Practices for Active Directory with AWS Workloads
Best Practices for Active Directory with AWS WorkloadsBest Practices for Active Directory with AWS Workloads
Best Practices for Active Directory with AWS Workloads
 
ENT201 Simplifying Microsoft Architectures with AWS Services
ENT201 Simplifying Microsoft Architectures with AWS ServicesENT201 Simplifying Microsoft Architectures with AWS Services
ENT201 Simplifying Microsoft Architectures with AWS Services
 
AWS Summit Auckland - Running your Enterprise Windows Workload on AWS
AWS Summit Auckland - Running your Enterprise Windows Workload on AWSAWS Summit Auckland - Running your Enterprise Windows Workload on AWS
AWS Summit Auckland - Running your Enterprise Windows Workload on AWS
 
Simplifying Microsoft Architectures with AWS - CMP214 - re:Invent 2017
Simplifying Microsoft Architectures with AWS - CMP214 - re:Invent 2017Simplifying Microsoft Architectures with AWS - CMP214 - re:Invent 2017
Simplifying Microsoft Architectures with AWS - CMP214 - re:Invent 2017
 
Migrating Microsoft Applications to AWS like an Expert
Migrating Microsoft Applications to AWS like an ExpertMigrating Microsoft Applications to AWS like an Expert
Migrating Microsoft Applications to AWS like an Expert
 
AWS re:Invent 2016: Simplifying Microsoft Architectures with AWS services (WI...
AWS re:Invent 2016: Simplifying Microsoft Architectures with AWS services (WI...AWS re:Invent 2016: Simplifying Microsoft Architectures with AWS services (WI...
AWS re:Invent 2016: Simplifying Microsoft Architectures with AWS services (WI...
 
Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2Getting Started with Windows Workloads on Amazon EC2
Getting Started with Windows Workloads on Amazon EC2
 
Microsoft Workloads on AWS
Microsoft Workloads on AWSMicrosoft Workloads on AWS
Microsoft Workloads on AWS
 
WIN204-Simplifying Microsoft Architectures with AWS Services
WIN204-Simplifying Microsoft Architectures with AWS ServicesWIN204-Simplifying Microsoft Architectures with AWS Services
WIN204-Simplifying Microsoft Architectures with AWS Services
 
Running Business-Critical Applications on the AWS Cloud
Running Business-Critical Applications on the AWS CloudRunning Business-Critical Applications on the AWS Cloud
Running Business-Critical Applications on the AWS Cloud
 
WIN401_Migrating Microsoft Applications to AWS
WIN401_Migrating Microsoft Applications to AWSWIN401_Migrating Microsoft Applications to AWS
WIN401_Migrating Microsoft Applications to AWS
 
Microsoft on AWS - AWS Summit SG 2017
Microsoft on AWS - AWS Summit SG 2017Microsoft on AWS - AWS Summit SG 2017
Microsoft on AWS - AWS Summit SG 2017
 
Best Practices for Deploying Microsoft Workloads on AWS
Best Practices for Deploying Microsoft Workloads on AWSBest Practices for Deploying Microsoft Workloads on AWS
Best Practices for Deploying Microsoft Workloads on AWS
 
Best Practices for Integrating Active Directory with AWS Workloads
Best Practices for Integrating Active Directory with AWS WorkloadsBest Practices for Integrating Active Directory with AWS Workloads
Best Practices for Integrating Active Directory with AWS Workloads
 
Introduction to Microsoft Workloads on AWS - AWS Online Tech Talks
Introduction to Microsoft Workloads on AWS - AWS Online Tech TalksIntroduction to Microsoft Workloads on AWS - AWS Online Tech Talks
Introduction to Microsoft Workloads on AWS - AWS Online Tech Talks
 

Plus de Amazon Web Services

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Amazon Web Services
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Amazon Web Services
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateAmazon Web Services
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSAmazon Web Services
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Amazon Web Services
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Amazon Web Services
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...Amazon Web Services
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsAmazon Web Services
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareAmazon Web Services
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSAmazon Web Services
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAmazon Web Services
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareAmazon Web Services
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWSAmazon Web Services
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckAmazon Web Services
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without serversAmazon Web Services
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...Amazon Web Services
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceAmazon Web Services
 

Plus de Amazon Web Services (20)

Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
Come costruire servizi di Forecasting sfruttando algoritmi di ML e deep learn...
 
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
Big Data per le Startup: come creare applicazioni Big Data in modalità Server...
 
Esegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS FargateEsegui pod serverless con Amazon EKS e AWS Fargate
Esegui pod serverless con Amazon EKS e AWS Fargate
 
Costruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWSCostruire Applicazioni Moderne con AWS
Costruire Applicazioni Moderne con AWS
 
Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot Come spendere fino al 90% in meno con i container e le istanze spot
Come spendere fino al 90% in meno con i container e le istanze spot
 
Open banking as a service
Open banking as a serviceOpen banking as a service
Open banking as a service
 
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
Rendi unica l’offerta della tua startup sul mercato con i servizi Machine Lea...
 
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...OpsWorks Configuration Management: automatizza la gestione e i deployment del...
OpsWorks Configuration Management: automatizza la gestione e i deployment del...
 
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows WorkloadsMicrosoft Active Directory su AWS per supportare i tuoi Windows Workloads
Microsoft Active Directory su AWS per supportare i tuoi Windows Workloads
 
Computer Vision con AWS
Computer Vision con AWSComputer Vision con AWS
Computer Vision con AWS
 
Database Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatareDatabase Oracle e VMware Cloud on AWS i miti da sfatare
Database Oracle e VMware Cloud on AWS i miti da sfatare
 
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJSCrea la tua prima serverless ledger-based app con QLDB e NodeJS
Crea la tua prima serverless ledger-based app con QLDB e NodeJS
 
API moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e webAPI moderne real-time per applicazioni mobili e web
API moderne real-time per applicazioni mobili e web
 
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatareDatabase Oracle e VMware Cloud™ on AWS: i miti da sfatare
Database Oracle e VMware Cloud™ on AWS: i miti da sfatare
 
Tools for building your MVP on AWS
Tools for building your MVP on AWSTools for building your MVP on AWS
Tools for building your MVP on AWS
 
How to Build a Winning Pitch Deck
How to Build a Winning Pitch DeckHow to Build a Winning Pitch Deck
How to Build a Winning Pitch Deck
 
Building a web application without servers
Building a web application without serversBuilding a web application without servers
Building a web application without servers
 
Fundraising Essentials
Fundraising EssentialsFundraising Essentials
Fundraising Essentials
 
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
AWS_HK_StartupDay_Building Interactive websites while automating for efficien...
 
Introduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container ServiceIntroduzione a Amazon Elastic Container Service
Introduzione a Amazon Elastic Container Service
 

Dernier

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbuapidays
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobeapidays
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesrafiqahmad00786416
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Jeffrey Haguewood
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfsudhanshuwaghmare1
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...apidays
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProduct Anonymous
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodJuan lago vázquez
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businesspanagenda
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...Zilliz
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelDeepika Singh
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerThousandEyes
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoffsammart93
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...apidays
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfOverkill Security
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxRustici Software
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 

Dernier (20)

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu SubbuApidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
Apidays Singapore 2024 - Modernizing Securities Finance by Madhu Subbu
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
 
Boost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdfBoost Fertility New Invention Ups Success Rates.pdf
Boost Fertility New Invention Ups Success Rates.pdf
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin WoodPolkadot JAM Slides - Token2049 - By Dr. Gavin Wood
Polkadot JAM Slides - Token2049 - By Dr. Gavin Wood
 
Why Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire businessWhy Teams call analytics are critical to your entire business
Why Teams call analytics are critical to your entire business
 
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ..."I see eyes in my soup": How Delivery Hero implemented the safety system for ...
"I see eyes in my soup": How Delivery Hero implemented the safety system for ...
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot ModelNavi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
Navi Mumbai Call Girls 🥰 8617370543 Service Offer VIP Hot Model
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot TakeoffStrategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
Strategize a Smooth Tenant-to-tenant Migration and Copilot Takeoff
 
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
Apidays New York 2024 - Accelerating FinTech Innovation by Vasa Krishnan, Fin...
 
Ransomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdfRansomware_Q4_2023. The report. [EN].pdf
Ransomware_Q4_2023. The report. [EN].pdf
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Corporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptxCorporate and higher education May webinar.pptx
Corporate and higher education May webinar.pptx
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 

Using Microsoft Active Directory across On-premises and Cloud Workloads

  • 1. © 2017, Amazon Web Services, Inc. or its Affiliates. All rights reserved. Ron Cully, Sr. Product Manager, AWS Directory Service Julien Lépine, Principal Solutions Architect, AWS June 14th, 2017 AWS Directory Service for Microsoft Active Directory
  • 2. Quick word on logistics Content of today’s webinar • Presentation: 30 minutes • Q&A: 15 minutes Please ask questions in the questions pane Slides are available for download after the webinar
  • 3. What to expect from this webinar • Examples of how AWS Cloud workloads use Active Directory • Options for integrating your AWS Cloud workloads with Active Directory • An introduction to AWS Directory Service for Microsoft Active Directory (AWS Microsoft AD) • Overview of identity federation using AWS Microsoft AD • A deep-dive on setting up trusts to your on-premises Active Directory domain securely • Guidance on how to administer your AWS managed domain
  • 4. Why AWS Cloud Windows workloads need Microsoft Active Directory (AD) • Enable single sign-on (SSO) to applications running on the AWS Cloud and AWS services, such as Amazon Workspaces • Manage access to your AWS Cloud resources using AD groups • Enforce policies for Amazon EC2 Windows Server instances and Amazon RDS for SQL Server via AD Group Policy objects
  • 5. Options for using Active Directory in the AWS Cloud • Use AWS Directory Service for Microsoft Active Directory (AWS Microsoft AD) • Deploy and manage your own Active Directory on Amazon EC2 • Domain join your AWS Cloud resources to your on- premises Active Directory domain (not covered in this webinar)
  • 6. Poll Question How do you use Active Directory with your AWS Cloud workloads today? a) AWS Directory Service for Microsoft Active Directory b) Active Directory running on Amazon EC2 Windows Server c) Domain join my workloads to my on-premises Active Directory d) Other (Simple AD, AD Connector, etc.) e) No solution – this is a blocker for cloud adoption
  • 7. Active Directory best practices on AWS Availability Zone B Private subnet DC2 Availability Zone A Private subnet DC1 company.local RELIABILITY COMPLIANCEGLOBAL REACH SECURITY Amazon VPC in an AWS Region
  • 8. Hybrid integrated enterprise Availability Zone B Private subnet DC4 Corporate Network London DC1 Paris DC2 Cost 50 Availability Zone A Private subnet DC3 company.local company.local VPN AWS Direct Connect Amazon VPC in an AWS Region
  • 9. Hybrid with resource forest Availability Zone B Private subnet DC4 Corporate Network London DC1 Paris DC2Availability Zone A Private subnet DC3 company.local company.cloud VPN AWS Direct Connect Amazon VPC in an AWS Region
  • 10. Hybrid with resource forest Availability Zone B Private subnet Corporate Network London DC1 Paris DC2Availability Zone A Private subnet company.local company.cloud VPN AWS Direct Connect Amazon VPC in an AWS Region AWS Directory Service
  • 11. AWS Directory Service for Microsoft Active Directory Highly available and managed directory Built on actual Microsoft Active Directory running on Windows Server 2012 R2 Extends your on- premises domain to the AWS Cloud without synching identity data Managed Microsoft Active Directory running in the AWS Cloud
  • 12. Poll Question Which benefit of AWS Directory Service for Microsoft Active Directory is most important to you? a) Highly available managed infrastructure b) Built on actual Microsoft Active Directory c) Does not require you to sync your identities to the AWS Cloud
  • 14. Identity federation Active Directory Users Enterprise Applications Corporate Systems AWS Identity and Access Management (IAM) IAM roles Amazon EC2 Amazon DynamoDB Amazon S3
  • 15. Federation with AWS Microsoft AD
  • 17. Advanced applications support Microsoft SharePoint Microsoft SQL Server Always On Availability Groups Microsoft Dynamics
  • 18. Forest Trusts Time tested, secure model The trusting forest has no admin control over the trusted forest Trusted users have cloud resource access, only if entitled by trusting admins (you control both sides) Resources in the cloud have no access to on-premises resources unless on-premises trusts the cloud AND on-premises admins grant permissions to user identities in the cloud AD AD On-premises network VPC Trust AWS Managed Microsoft AD DC Windows AD DC Access Security group (access entitlements here) Security group Trusting Trusted Cloud On-premises
  • 19. No trust vs. 1-way vs. 2-way trusts Do you need users from one forest to access resources in another forest? • If no, use no trust Can you use only a 1-way trust? • If yes, only use 1-way • RDS for SQL Server with on-premises users requires at least 1-way Is a 2-way trust required? • If yes, use 2-way trust • WorkSpaces, QuickSight Enterprise Edition, and Chime use 2-way trusts • On-premises to AWS Managed Microsoft AD trust used only to read users/groups to provision them into the application Always Secure Your Trust
  • 20. Securing trusts Leave SID filtering on when setting up the on-premises side of a trust Turn on selective authentication on the on-premises side of a trust • https://technet.microsoft.com/en-us/library/cc755321(v=ws.10).aspx#w2k3tr_trust_security_zyzk Only permit AD trust ports to the DCs in the cloud • https://technet.microsoft.com/en-us/library/cc756944(v=ws.10).aspx For cloud-client-to-AD, only permit AD authentication ports to on-premises AD; minimize all other ports from cloud to on-premises (e.g., WorkSpaces login using on-premises credentials) • https://support.microsoft.com/en-us/help/179442/how-to-configure-a-firewall-for-domains-and-trusts Don’t grant groups in the cloud access to on-premises resources
  • 21. Managing users and computers DOMAIN JOINED INSTANCE FAMILIAR TOOLS
  • 24. Amazon EC2 System Manager run command aws ssm send-command --document-name "AWS-JoinDirectoryServiceDomain” --document-description "Join your instances to an AWS Directory Service domain.” --instance-ids "i-0123456789abcdef0” --parameters '{"directoryId":["d-0123456789"], "dnsIpAddresses":["172.31.99.48","172.31.174.16"], "directoryName":["dub.lepine.local"]}’ --timeout-seconds 600 --region eu-west-1
  • 25. Amazon RDS for SQL Server domain integrated
  • 26. Auditing your AWS Microsoft AD logs SECURITY DNS
  • 27. Auditing using AWS CloudTrail FULL VISIBILITY AUDITABILITY
  • 28. Other AWS Microsoft AD features • Automated Daily Snapshots • Extensible Active Directory Schema • Fine grained password policies • Amazon SNS-based monitoring and alerting • Amazon Enterprise Applications management
  • 32. What we covered • Best practices for using Microsoft Active Directory with your AWS Cloud workloads • Extending your on-premises Active Directory to the AWS Cloud • Managing your AWS Microsoft AD domain • Auditing and securing your AWS Cloud environment
  • 33. How to get started 30-day limited free trial available to try AWS Microsoft AD at no additional charge! Visit our website to learn more aws.amazon.com/directoryservice
  • 34. Q&A