Posted On: Dec 13, 2019

Amazon Directory Service for Microsoft Active Directory, also known as Amazon Web Services Managed Microsoft AD, can now encrypt Lightweight Directory Access Protocol (LDAP) communications between Amazon Web Services applications, such as Amazon WorkSpaces, and your self-managed AD. Enabling Amazon Web Services Managed Microsoft AD as your Secure LDAP (LDAPS) client allows you to better protect your organization’s identity data and meet your security requirements.

To enable client-side LDAPS, import your certificate authority (CA) certificate into Amazon Web Services Managed Microsoft AD, then enable LDAPS on your directory. Once LDAPS is enabled, all LDAP traffic between Amazon Web Services applications and your self-managed AD is encrypted over a Secure Sockets Layer (SSL) channel.

LDAPS support is available today in the Amazon Web Services China (Beijing) region, operated by Sinnet, and the Amazon Web Services China (Ningxia) region, operated by NWCD. To learn more, see how to Enable Secure LDAP (LDAPS).