Active Directory
- Usage of LDAP in Organization
- Active Directory
- Tree: a hierarchy within one site
- Forest:
- Collection of Trees
- Group Policies
- Object:
- User
- Group
- System/Device
To create a new Active Directory and add users, Windows Server provides
- Domain Controllers
As discussed in class, we now have a Domain Controller:
- name: qtdc1.directdevops.blog
- domain name: directdevops.blog
- BIOS name: DDBLOG
- users:
- ram
- bheem
- Groups:
- RRR
Now, to use these users in:
Azure:
- Allows importing users into Azure AD
- The Domain Controller is still the primary
- Password writeback
- Azure AD Connect (available to download)
AWS
- Allows importing users into AWS Directory Service
- AWS AD Connect
- Federated User:
- IAM => Identity Providers:
- Configure Domain Controller
- Every user in AD will be an external user, so we need to use the Security Token Service (STS)
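The federated-user note above means AD users reach AWS through an IAM role whose trust policy allows `sts:AssumeRoleWithSAML`. The following is an added example, not part of the class notes, that audits such a trust policy; it assumes the directory is registered in IAM as a SAML identity provider, and the account ID, the provider name `DDBLOG-IdP` and the function `audit_saml_trust` are constructed for illustration.

```python
SAML_AUD = "https://signin.aws.amazon.com/saml"  # AWS sign-in SAML audience

def audit_saml_trust(policy: dict) -> list:
    """Return findings for a role trust policy used by SAML-federated users."""
    findings = []
    statements = policy.get("Statement", [])
    if isinstance(statements, dict):  # IAM also accepts a single statement object
        statements = [statements]
    for i, st in enumerate(statements):
        actions = st.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        if st.get("Effect") != "Allow" or "sts:AssumeRoleWithSAML" not in actions:
            continue
        principal = st.get("Principal", {})
        fed = principal.get("Federated") if isinstance(principal, dict) else principal
        fed = [fed] if isinstance(fed, str) else (fed or [])
        # The role should trust one named identity provider, never a wildcard.
        if not fed or any(":saml-provider/" not in p for p in fed):
            findings.append(f"statement {i}: principal is not a specific SAML provider")
        # Without the audience check, the assertion is not pinned to AWS sign-in.
        aud = st.get("Condition", {}).get("StringEquals", {}).get("SAML:aud")
        if aud != SAML_AUD:
            findings.append(f"statement {i}: SAML:aud is not pinned to {SAML_AUD}")
    return findings

# Constructed sample policies (placeholder account ID and provider name).
GOOD_TRUST = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"Federated": "arn:aws:iam::111122223333:saml-provider/DDBLOG-IdP"},
        "Action": "sts:AssumeRoleWithSAML",
        "Condition": {"StringEquals": {"SAML:aud": SAML_AUD}},
    }],
}
WEAK_TRUST = {
    "Version": "2012-10-17",
    "Statement": {"Effect": "Allow", "Principal": "*",
                  "Action": "sts:AssumeRoleWithSAML"},
}

if __name__ == "__main__":
    for name, pol in (("GOOD_TRUST", GOOD_TRUST), ("WEAK_TRUST", WEAK_TRUST)):
        print(name, audit_saml_trust(pol) or "ok")
```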
Azure:
Active Directory Sync with AWS
Azure AD B2B (Business to Business) and B2C (Business to Customer)
- Azure B2B:
- Invite Guest User
- Azure AD B2C
- Sample application integration
AWS Cognito
- AWS Cognito can be used as an identity provider for applications