Azure Classroomnotes 02/Apr/2023

Active Directory

  • Usage of LDAP in Organization
  • Active Directory
    • Tree: This is hierarchy in one site
    • Forest:
      • Collection of Trees
    • Group Policies
    • Object:
      • User
      • Group
      • System/Device
  • To create a new Active Directory to add users, Windows Server has:

    • Domain Controllers
  • As discussed in the class now we have a Domain Controller

    • name: qtdc1.directdevops.blog
    • domain name: directdevops.blog
    • NetBIOS name: DDBLOG
    • users:
      • ram
      • bheem
    • Groups:
      • RRR
  • Now to use these users in

    • Azure:

      • Allows importing users into Azure AD
        • Primary is still Domain Controller
        • Password writeback
        • Azure AD Connect Refer Here and Refer Here to download
    • AWS

      • Allows importing users into AWS Directory Services
        • AWS AD Connect
      • Federated User:
        • IAM => Identity Providers:
          • Configure Domain Controller
          • Every user in AD will be an external user, so we need to use Security Token Service (STS)
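
Added example (not from the class notes): federated AD users get AWS access by calling STS against an IAM role, so the role's trust policy is the control to review. This sketch assumes SAML federation; the account ID, the provider name ExampleADFS and both sample policies are constructed.

```python
# Added example: audit IAM role trust policies used for AD federation via STS.
# Assumption: federation uses SAML (sts:AssumeRoleWithSAML).
# The account ID, provider name and both policies below are constructed samples.
PROVIDER = "arn:aws:iam::111122223333:saml-provider/ExampleADFS"
SAML_AUD = "https://signin.aws.amazon.com/saml"

HARDENED = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": {"Federated": PROVIDER},
    "Action": "sts:AssumeRoleWithSAML",
    "Condition": {"StringEquals": {"SAML:aud": SAML_AUD}},
}]}

WEAK = {"Version": "2012-10-17", "Statement": [{
    "Effect": "Allow",
    "Principal": "*",                      # any principal may present an assertion
    "Action": "sts:AssumeRoleWithSAML",    # and no audience condition is set
}]}

def as_list(value):
    """IAM policy fields may hold a single value or a list of values."""
    return value if isinstance(value, list) else [value]

def audit_trust_policy(policy):
    """Return findings for one role trust policy; an empty list means OK."""
    findings = []
    for n, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue
        if "sts:AssumeRoleWithSAML" not in as_list(stmt.get("Action", [])):
            continue
        principal = stmt.get("Principal")
        federated = []
        if isinstance(principal, dict):
            federated = as_list(principal.get("Federated", []))
        # The role should trust one named SAML provider, never a wildcard.
        if not federated or any(":saml-provider/" not in a for a in federated):
            findings.append(f"statement {n}: principal is not a specific SAML provider")
        # The assertion audience should be pinned with an exact match.
        cond = stmt.get("Condition", {}).get("StringEquals", {})
        aud = as_list(cond.get("SAML:aud", []))
        if not aud or any("*" in v for v in aud):
            findings.append(f"statement {n}: no exact SAML:aud condition")
    return findings

if __name__ == "__main__":
    for name, pol in (("HARDENED", HARDENED), ("WEAK", WEAK)):
        print(name, audit_trust_policy(pol) or "OK")
```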

Active Directory Sync with AWS

Azure AD B2B (Business to Business) and B2C (Business to Customer)

AWS Cognito

  • AWS Cognito can be used as an identity provider for applications Refer Here


About continuous learner

devops & cloud enthusiastic learner