Disabling an Amazon Managed Microsoft AD user - Amazon Directory Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Disabling an Amazon Managed Microsoft AD user

Use the following procedure to disable an Amazon Managed Microsoft AD user with user and group management or Amazon Directory Service Data in either the Amazon Web Services Management Console, Amazon CLI, or Amazon Tools for PowerShell.

Important

When you disable a user's account, the user loses any permissions to access their account and applications.

Before you begin either procedure, you need to complete the following:
Amazon Web Services Management Console

You can disable an Amazon Managed Microsoft AD user account in the Amazon Web Services Management Console.

To disable an Amazon Managed Microsoft AD user account with the Amazon Web Services Management Console
  1. Open the Amazon Directory Service console at https://console.amazonaws.cn/directoryservicev2/.

  2. From the navigation pane, choose Active Directory, and then choose Directories. You're directed to the Directories screen where you can view a list of directories in your Amazon Web Services Region.

  3. Choose a directory. You're directed to the Directory details screen.

  4. Choose Users. The tab shows a list of users in your directory.

  5. Choose the user whose account you want to disable. You're directed to the User details screen.

  6. Choose Actions. Then choose Disable user account and Disable user account again.

Note

To re-enable your user's account, you must reset the user's password. For more information, see Resetting and enabling an Amazon Managed Microsoft AD user's password.

Amazon CLI

The following describes how to format a request that disables an Amazon Managed Microsoft AD user account with the Amazon Directory Service Data CLI.

To disable an Amazon Managed Microsoft AD user account with the Amazon CLI
  • Open the Amazon CLI, and run the following command, replacing the Directory ID and username with your Amazon Managed Microsoft AD Directory ID and username:

aws ds-data disable-user --directory-id d-1234567890 --sam-account-name "jane.doe"
Note

To re-enable your user account, you must reset the user's password. For more information, see Resetting and enabling an Amazon Managed Microsoft AD user's password.

Amazon Tools for PowerShell

The following describes how to format a request that disables an Amazon Managed Microsoft AD user account with Amazon Tools for PowerShell.

To disable an Amazon Managed Microsoft AD user account with Amazon Tools for PowerShell
  • Open the Windows PowerShell;, and run the following command, replacing the Directory ID and username with your Amazon Managed Microsoft AD Directory ID and username:

Disable-DSDUser -DirectoryId d-1234567890 -SAMAccountName "jane.doe"
Note

To re-enable your user account, you must reset the user's password. For more information, see Resetting and enabling an Amazon Managed Microsoft AD user's password.