Creating an Amazon Managed Microsoft AD group - Amazon Directory Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Creating an Amazon Managed Microsoft AD group

You can create groups in your Amazon Managed Microsoft AD. Use the following procedure to create a security group with an Amazon EC2 instance that is joined to your Amazon Managed Microsoft AD directory. Before you can create security groups, you need to complete the procedures in Installing the Active Directory Administration Tools.

Active Directory Administration Tools

Use the following procedures to create an Amazon Managed Microsoft AD group with Active Directory Administration Tools.

To create a group
  1. Connect to the instance where the Active Directory Administration Tools were installed.

  2. Open the Active Directory Users and Computers tool. There is a shortcut to this tool in the Administrative Tools folder.

    Tip

    You can run the following from a command prompt on the instance to open the Active Directory Users and Computers tool box directly.

    %SystemRoot%\system32\dsa.msc
  3. In the directory tree, select an OU under your directory's NetBIOS name OU where you want to store your group (for example, Corp\Users). For more information about the OU structure used by directories in Amazon, see What gets created with your Amazon Managed Microsoft AD.

    Active Directory Users and Computers tool showing example OU structure.
  4. On the Action menu, click New, and then click Group to open the new group wizard.

  5. Type a name for the group in Group name, select a Group scope that meets your needs, and select Security for the Group type. For more information on Active Directory group scope and security groups, see Active Directory security groups in Microsoft Windows Server documentation.

  6. Click OK. The new security group will appear in the Users folder.

Windows PowerShell

You can use Windows PowerShell commands to create groups. For more information, see New-ADGroup in Windows Server 2022 PowerShell documentation.