Directory Service directory migration between accounts

0

Hello to anyone reading,

I have a question about the following: imagine that an AWS customer creates their account and chooses to use the Directory Service service for their Microsoft AD.

Over the years, this company was purchased by a company and its account became a daughter account.

Is it possible to migrate as a replica the Directory service with all the records of groups, users and everything else? Taking into account that after migration the Directory has to be deleted from the child account.

Thank you very much.

Asked 2 years ago, viewed 681 times
1 answer
-1

Good day, there

Yes, you can now use the Active Directory Migration Toolkit (ADMT) along with the Password Export Service (PES) to migrate your self-managed AD to AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, since the company was purchased and running their ADs on premises. This makes it easier for you to move AD objects and encrypted passwords for your users. Please see the attached document for more information.

Resource: https://aws.amazon.com/blogs/security/how-to-migrate-your-on-premises-domain-to-aws-managed-microsoft-ad-using-admt/

Answered 2 years ago
  • This answer is incorrect. You cannot migrate passwords out of AWS Managed AD; you could migrate the users themselves from one directory to another, but SID history and passwords would not be synced to the new managed Active Directory environment.
