AWS SSO and AD timeouts/password compliance

0

When an AD is connected to IAM Identity Center, does the SSO portion of IAM Identity Center inherit the policies within the AD? When attempting to reset a password, does it restrict users to the password policy of the AD GPO, and does it enforce timeouts? If so, how does one set that up after connecting the AD to IAM Identity Center?

Thank you!

1 Answer
0

When AD is connected to IAM Identity Center, it is primarily used as an identity provider. The policies in AD do not have any effect on Identity Center. IAM Identity Center uses the connection provided by AD to synchronize user, group, and membership information from your source directory in Active Directory to the IAM Identity Center identity store. No password information is synchronized to IAM Identity Center, since user authentication takes place directly from the source directory in Active Directory. This identity data is used by IAM Identity Center enabled applications to facilitate in-app lookup, authorization, and collaboration scenarios without passing LDAP activity back to the source directory in Active Directory.

Additional info can be found at https://docs.aws.amazon.com/singlesignon/latest/userguide/manage-your-identity-source-ad.html

AWS
Answered a year ago
