How do I create a trust relationship between AWS Managed Microsoft AD and my existing on-premises AD domain?

Last updated: 2019-06-26

I want to create a trust relationship between my on-premises domain and my AWS Directory Service for Microsoft Active Directory. How can I do this?

Short Description

A trust relationship is a link between two different domains in which one domain (the trusting domain) trusts another (the trusted domain). In a one-way trust, user accounts from the trusted domain are allowed to access resources in the trusting domain.

AWS Directory Service for Microsoft Active Directory supports external and forest trust relationships with your existing on-premises domain in all three trust relationship directions:

  • One-way Incoming
  • One-way Outgoing
  • Two-way (Bi-directional)

Resolution

To create a trust relationship between your AWS Managed Microsoft AD and your on-premises domain, follow these steps:

Important: You must create the trust on the on-premises domain first. Then, create the trust on your AWS Managed Microsoft AD.

  1. Complete all prerequisite steps.
  2. Prepare your on-premises domain for the trust relationship.
  3. Prepare your AWS Managed Microsoft AD for the trust relationship.
  4. Create the trust relationship between your on-premises AD and your AWS Managed Microsoft AD.
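
The AWS side of step 4, as an added example that is not part of the original article: it maps the direction chosen on the on-premises domain to the complementary value that `aws ds create-trust` expects and prints the command for review. The directory ID, domain name and DNS server IPs are constructed placeholders, and `TRUST_PASSWORD` is an assumed environment variable holding the same trust password that was entered on the on-premises side.

```shell
#!/bin/sh
# Added example: AWS-side half of step 4. Run it only after the trust exists
# on the on-premises domain. All IDs, names and IPs passed in are placeholders.

# Each side names the trust from its own point of view, so the direction
# entered on AWS is the complement of the on-premises one.
aws_side_direction() {
  case "$1" in
    incoming) echo "One-Way: Outgoing" ;;
    outgoing) echo "One-Way: Incoming" ;;
    two-way)  echo "Two-Way" ;;
    *) echo "unknown on-premises direction: $1" >&2; return 1 ;;
  esac
}

# Print the create-trust command for review. The password is referenced by
# variable name only, so the secret itself never appears in the output.
# Args: directory-id on-prem-domain on-prem-direction Forest|External dns-ip...
create_trust_cmd() {
  dir_id=$1; remote=$2; trust_type=$4
  direction=$(aws_side_direction "$3") || return 1
  case "$trust_type" in
    Forest|External) ;;
    *) echo "trust type must be Forest or External" >&2; return 1 ;;
  esac
  shift 4
  [ "$#" -ge 1 ] || { echo "need an on-premises DNS server IP" >&2; return 1; }
  printf 'aws ds create-trust --directory-id %s \\\n' "$dir_id"
  printf '  --remote-domain-name %s --trust-type %s \\\n' "$remote" "$trust_type"
  printf '  --trust-direction "%s" \\\n' "$direction"
  printf '  --conditional-forwarder-ip-addrs %s \\\n' "$*"
  printf '  --trust-password "$TRUST_PASSWORD"\n'
}

# Constructed sample: the on-premises side was created as one-way incoming.
create_trust_cmd d-EXAMPLE11111 corp.example.com incoming Forest 10.0.0.10 10.0.0.11
```

After running the printed command, `aws ds describe-trusts --directory-id <directory-id>` shows the trust state for the directory.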
