Secure your AD Connector directory
You can use features like multi-factor authentication (MFA), client-side Lightweight Directory Access Protocol over Secure Sockets Layer (SSL)/Transport Layer Security (TLS) (LDAPS), and Amazon Private Certificate Authority to secure your AD Connector. Ways you can secure your AD Connector include:
- Enable MFA, which increases your AD Connector security.
- Enable client-side Lightweight Directory Access Protocol over Secure Sockets Layer (SSL)/Transport Layer Security (TLS) (LDAPS) so that communications over LDAP are encrypted, which improves security.
- Enable certificate-based mutual Transport Layer Security (mTLS) authentication with smart cards, which allows users to authenticate to Amazon Web Services through your Active Directory and AD Connector.
- Update your AD Connector service account credentials.
- Set up Amazon Private CA Connector for AD so you can issue and manage certificates for your AD Connector.
Tasks to secure your AD Connector
- Enabling multi-factor authentication for AD Connector
- Enabling client-side LDAPS using AD Connector
- Enabling mTLS authentication in AD Connector for use with smart cards
- Updating your AD Connector service account credentials in Amazon Web Services Management Console
- Set up Amazon Private CA Connector for AD for AD Connector