Simple Active Directory - Amazon Directory Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Simple Active Directory

Simple AD is a standalone managed directory that is powered by a Samba 4 Active Directory Compatible Server. It is available in two sizes.

  • Small - Supports up to 500 users (approximately 2,000 objects including users, groups, and computers).

  • Large - Supports up to 5,000 users (approximately 20,000 objects including users, groups, and computers).

Simple AD provides a subset of the features offered by Amazon Managed Microsoft AD, including the ability to manage user accounts and group memberships, create and apply group policies, securely connect to Amazon EC2 instances, and provide Kerberos-based single sign-on (SSO). However, note that Simple AD does not support features such as multi-factor authentication (MFA), trust relationships with other domains, Active Directory Administrative Center, PowerShell support, Active Directory recycle bin, group managed service accounts, and schema extensions for POSIX and Microsoft applications.

Simple AD offers many advantages:

  • Simple AD makes it easier to manage amazon EC2 instances running Linux and Windows and deploy Windows applications in the Amazon Cloud.

  • Many of the applications and tools that you use today that require Microsoft Active Directory support can be used with Simple AD.

  • User accounts in Simple AD allow access to Amazon applications such as WorkSpaces, Amazon WorkDocs, or Amazon WorkMail.

  • You can manage Amazon resources through IAM role–based access to the Amazon Web Services Management Console.

  • Daily automated snapshots enable point-in-time recovery.

Simple AD does not support any of the following:

  • Amazon AppStream 2.0

  • Amazon Chime

  • Amazon RDS for SQL Server

  • Amazon RDS for Oracle

  • Amazon IAM Identity Center

  • Trust relationships with other domains

  • Active Directory Administrative Center

  • PowerShell

  • Active Directory recycle bin

  • Group managed service accounts

  • Schema extensions for POSIX and Microsoft applications

Continue reading the topics in this section to learn how to create your own Simple AD.