Posted On: Dec 13, 2019

AWS Directory Service for Microsoft Active Directory, also known as AWS Managed Microsoft AD, can now encrypt Lightweight Directory Access Protocol (LDAP) communications between AWS applications, such as Amazon WorkSpaces, and your self-managed AD. With AWS Managed Microsoft AD acting as your Secure LDAP (LDAPS) client, you can better protect your organization’s identity data and meet your security requirements.

To enable client-side LDAPS, you import your certificate authority (CA) certificate into AWS Managed Microsoft AD, then enable LDAPS on your directory. Once LDAPS is enabled, all LDAP traffic between AWS applications and your self-managed AD flows with Secure Sockets Layer (SSL) channel encryption.

LDAPS support is available today in the AWS China (Beijing) region, operated by Sinnet, and the AWS China (Ningxia) region, operated by NWCD. To learn more, see how to Enable Secure LDAP (LDAPS).