Creating an Amazon Managed Microsoft AD user

To create an Amazon Managed Microsoft AD user with the Amazon Web Services Management Console

1. Open the Amazon Directory Service console at https://console.amazonaws.cn/directoryservicev2/.

2. From the navigation pane, choose Active Directory, and then choose Directories. You're directed to the Directories screen where you can view a list of directories in your Amazon Web Services Region.

3. Choose a directory. You're directed to the Directory details screen.

4. On the Directory details page, under the Users section, choose Create users account.

5. The Specify user details page opens. Under the Required information section, enter a user logon name and password. User logon names must meet the following conditions:

   • Must be a unique logon name

   • Can be up to 20 characters long

   • Can only contain alphanumeric characters

   • ~!@#$%^&*_-+=`|\(){}[]:;"'<>,.?/

   • The password must adhere to your password policy requirements. Check with your Amazon administrator for more information.

   Warning

   The user logon name cannot be changed after the user is created.

   1. (Optional) Under the Primary information section, you can enter a first and last name for the user. You can also enter a display name and description for the user.

   2. (Optional) Under the Contact methods section, you can enter an email address and telephone numbers for the user.

   3. (Optional) Under the Job-related information section, you can enter a department, manager, office, and company for the user.

   4. (Optional) Under the Address section, you can enter an address for the user.

   5. (Optional) Under the Account settings section, you can enter notes, a preferred language, and service principal name for the user.

      For more information on user attributes, see Amazon Directory Service Data attributes and Microsoft documentation.

6. Choose Next once you've provided the user account details.

7. On the Add users to groups - optional page, you can add the user to a new group or to an existing group. You can also copy the group membership of an existing user to the new user. If you don't want to add a user to a group, choose Next. Move to Step 12 to continue this procedure.

8. (Optional) To create a new group, see Create a Amazon Managed Microsoft AD group.

9. (Optional) To add a new user to an existing group:

   1. Select the group you want to add the new user to in the Groups section. To find groups, enter the group name in the search box.

10. (Optional) To copy the group membership of an existing user to a new user:

    1. Choose the Copy group membership from user tab. To find a user with a group membership you want to copy, enter the user logon name in the search box under the Users section.

    2. In the Selected groups section, select the groups the new user should become a member of.

11. Choose Next when you're ready to create the new user account.

12. On the Review and create user page, review all the choices you made. Choose Create user.

13. After the user is configured, you're taken to the new user's details page. A banner appears stating the user was successfully created.

To create an Amazon Managed Microsoft AD user with Amazon CLI

• Open the Amazon CLI, and run the following command with your Directory ID, username, and display name:

To create an Amazon Managed Microsoft AD user with Tools for PowerShell

• Open PowerShell, and run the following command with your Directory ID, username, and display name: