Enabling or disabling user and group management or Amazon Directory Service Data - Amazon Directory Service
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Enabling or disabling user and group management or Amazon Directory Service Data

To use user and group management or Amazon Directory Service Data, it must be enabled. Once enabled, you can manage users and groups from the Amazon Web Services Management Console, Amazon CLI, or Amazon Tools for PowerShell.

Important

Enabling Amazon Directory Service Data

Use the following procedure to enable user and group management or Amazon Directory Service Data for an existing Amazon Managed Microsoft AD with either the Amazon Web Services Management Console, Amazon CLI, or Amazon Tools for PowerShell.

Amazon Web Services Management Console

You can enable user and group management with the Amazon Web Services Management Console.

To enable user and group management
  1. Open the Amazon Directory Service console at https://console.amazonaws.cn/directoryservicev2/.

  2. On the Directory details page, to enable user and group management, select Enable.

  3. In the Enable user and group management dialog box, select Enable.

Amazon CLI

The following describes how to format a request that enables the Amazon Directory Service Data CLI. You must include your Directory ID number in your request.

Note

The enable Amazon Directory Service Data CLI commands use aws ds.

To enable Amazon Directory Service Data CLI
  • Open the Amazon CLI, and run the following command, replacing the Directory ID with your Amazon Managed Microsoft AD Directory ID:

aws ds enable-directory-data-access --directory-id d-1234567890
Amazon Tools for PowerShell
To enable Directory Service Data with Tools for PowerShell
  • Open the Windows PowerShell, and run the following command, replacing the Directory ID with your Amazon Managed Microsoft AD Directory ID:

Enable-DSDirectoryDataAccess -DirectoryId d-1234567890

Disabling Amazon Directory Service Data

Use the following procedure to disable user and group management or Amazon Directory Service Data for an existing Amazon Managed Microsoft AD with either the Amazon Web Services Management Console, Amazon CLI, or Amazon Tools for PowerShell.

Amazon Web Services Management Console

You can disable user and group management with the Amazon Web Services Management Console.

To disable user and group management
  1. Open the Amazon Directory Service console at https://console.amazonaws.cn/directoryservicev2/.

  2. On the Directory details page, to disable user and group management, select Disable.

  3. In the Disable user and group management dialog box, select Disable.

Amazon CLI

The following describes how to format a request that disables the Amazon Directory Service Data CLI. You must include your Directory ID number in your request.

Note

The disable Amazon Directory Service Data CLI commands use aws ds.

To disable Amazon Directory Service Data CLI
  • Open the Amazon CLI, and run the following command, replacing the Directory ID with your Amazon Managed Microsoft AD Directory ID:

aws ds disable-directory-data-access --directory-id d-1234567890
Amazon Tools for PowerShell
To disable Directory Service Data with Tools for PowerShell
  • Open the Windows PowerShell, and run the following command, replacing the Directory ID with your Amazon Managed Microsoft AD Directory ID:

Disable-DSDirectoryDataAccess -DirectoryId d-123456789