Secure your AD Connector directory - Amazon Directory Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Secure your AD Connector directory

You can use features like multi-factor authentication (MFA), client-side Lightweight Directory Access Protocol over Secure Sockets Layer (SSL)/Transport Layer Security (TLS) (LDAPS), and Amazon Private Certificate Authority to secure your AD Connector. Ways you can secure your AD Connector include:

  • Enable MFA which increases your AD Connector security.

  • Enable client-side Lightweight Directory Access Protocol over Secure Socket Layer (SSL)/Transport Layer Security (TLS) (LDAPS) so that communications over LDAP are encrypted and improves security.

  • Enable certificate-based mutual Transport Layer Security (mTLS) authentication with smart cards which allows users to authenticate in to Amazon Web Services through your Active Directory and AD Connector.

  • Update your AD Connector service account credentials.

  • Set up Amazon Private CA Connector for AD so you can issue and manage certificates for your AD Connector.