Usando AWS re:Post, accetti AWS re:Post Termini di utilizzo
AWS re:Postre:Post

Directory Service directory migration between accounts

0

Hello to anyone reading,

I have a question about the following, imagine that an AWS customer creates their account and chooses to use the Directory Service service for their Microsoft AD.

Over the years, this company was purchased by a company and its account became a daughter account.

Is it possible to migrate as a replica the Directory service with all the records of groups, users and everything else? Taking into account that after migration the Directory has to be deleted from the child account.

Thank you very much.

Argomenti
Sicurezza, identità e conformità
Tag
AWS Directory Service
Lingua
English
AWS-User-3666242
posta 2 anni fa681 visualizzazioni
1 Risposta
-1

Good day, there

Yes, you can now use the Active Directory Migration Toolkit (ADMT) along with the Password Export Service (PES) to migrate your self-managed AD to AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, since the company was purchased and running their AD's on premises.This makes it easier for you to move AD objects and encrypted passwords for your users.Please see the attached document for more information.

Resource: https://aws.amazon.com/blogs/security/how-to-migrate-your-on-premises-domain-to-aws-managed-microsoft-ad-using-admt/

Nosiphiwo
con risposta 2 anni fa
  • Rob_H ESPERTO
    un anno fa

    This answer is incorrect, you cannot migrate password out of AWS Managed AD, you could migrate the users themselves from one directory to another but SID history and passwords would not be synced to the new managed Active Directory environment.

Accesso non effettuato. Accedi per postare una risposta.

Una buona risposta soddisfa chiaramente la domanda, fornisce un feedback costruttivo e incoraggia la crescita professionale del richiedente.

Linee guida per rispondere alle domande

Contenuto pertinente