Create an AD Connector - Amazon Directory Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Create an AD Connector

To connect to your existing directory with AD Connector, perform the following steps. Before starting this procedure, make sure you have completed the prerequisites identified in AD Connector prerequisites.


You cannot create an AD Connector with a Cloud Formation template.

To connect with AD Connector
  1. In the Amazon Directory Service console navigation pane, choose Directories and then choose Set up directory.

  2. On the Select directory type page, choose AD Connector, and then choose Next.

  3. On the Enter AD Connector information page, provide the following information:

    Directory size

    Choose from either the Small or Large size option. For more information about sizes, see Active Directory Connector.

    Directory description

    An optional description for the directory.

  4. On the Choose VPC and subnets page, provide the following information, and then choose Next.


    The VPC for the directory.


    Choose the subnets for the domain controllers. The two subnets must be in different Availability Zones.

  5. On the Connect to AD page, provide the following information:

    Directory DNS name

    The fully qualified name of your existing directory, such as

    Directory NetBIOS name

    The short name of your existing directory, such as CORP.

    DNS IP addresses

    The IP address of at least one DNS server in your existing directory. These servers must be accessible from each subnet specified in step 4. These servers can be located outside of Amazon, as long as there is network connectivity between the specified subnets and the DNS server IP addresses.

    Service account username

    The user name of a user in the existing directory. For more information about this account, see the AD Connector prerequisites.

    Service account password

    The password for the existing user account. This password is case-sensitive and must be between 8 and 128 characters in length, inclusive. It must also contain at least one character from three of the following four categories:

    • Lowercase letters (a-z)

    • Uppercase letters (A-Z)

    • Numbers (0-9)

    • Non-alphanumeric characters (~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/)

    Confirm password

    Retype the password for the existing user account.

  6. On the Review & create page, review the directory information and make any necessary changes. When the information is correct, choose Create directory. It takes several minutes for the directory to be created. Once created, the Status value changes to Active.