AWS, Cloud Computing

4 Mins Read

A Guide to Configure AWS AD Connector, Active Directory, and DNS for Windows Server

Voiced by Amazon Polly


The step-by-step AWS AD Connector setup involves configuring Active Directory (AD) and Domain Name System (DNS) within a Windows Server 2012 R2 instance on Amazon Web Services (AWS). This process encompasses launching the Amazon EC2 instance, setting up AD Domain Services (AD DS), configuring DNS settings to ensure proper name resolution, and integrating AWS AD Connector for seamless authentication and integration of directory services. AWS IAM roles are also established to grant Amazon EC2 instances full access, ensuring a secure deployment and efficient resource management within the AWS environment. 


Setting up AWS AD Connector involves integrating your on-premises Active Directory (AD) with AWS Directory Service to extend your directory into the cloud. This facilitates seamless user authentication and directory services for AWS resources. In the initial steps, you need to configure your on-premises Active Directory and ensure DNS resolution is correctly configured for your domain. AWS AD Connector acts as a bridge, allowing AWS resources to leverage your existing on-premises AD infrastructure, maintaining a unified identity and access management system across both on-premises and cloud environments. This integration is crucial for organizations seeking a hybrid cloud approach while maintaining a consistent and secure user experience.

Pioneers in Cloud Consulting & Migration Services

  • Reduced infrastructural costs
  • Accelerated application deployment
Get Started

Step-by-Step Guide

Step 1: Create a Windows Server 2012 R2 Instance

Log in to the AWS Management Console.

Navigate to the Amazon EC2 service.

Launch a new Amazon EC2 instance, choosing “Microsoft Windows Server 2012 R2 Base” as the AMI.

Configure the instance details, storage, tags, and security group as needed.

Review the settings and launch the instance.


Step 2: Once the instance is running, connect to it using Remote Desktop Protocol (RDP)

Upon login, change the default password to a secure one.


Step 3: Install AD DS Role and Features

Open Server Manager.

Click on “Manage” and select “Add Roles and Features.”


Choose “Active Directory Domain Services” from the list of roles and follow the wizard to install the role.


Complete the installation by accepting the default settings.

Step 4: Create a Forest (e.g.,

After the AD DS installation, a configuration wizard will appear. Choose “Add a new forest.”

Specify the root domain name (e.g., and complete the wizard.



Step 5: Configure DNS

In Server Manager, select “Tools” and “DNS.”

Create a Reverse Lookup Zone for the subnet of your server.



Create a Forward Lookup Zone for your domain (

Step 6: Configure Ethernet Settings

Open Ethernet, uncheck the ipv6 protocol, right-click on ipv4, and enter the private IP of the ec2 instance.


Step 7: Create a User and Password in AD

In Server Manager, select “Tools” and “Active Directory Users and Computers.”



Navigate to the Users container and create a new user with a password.


Step 8: AWS IAM Role for Amazon EC2 Full Access

Open the AWS Management Console.

Navigate to “IAM” (Identity and Access Management) service.

In the left navigation pane, select “Roles,” then click “Create role.”

Choose “Directory Services” as the service that will use this role.

Attach the policy “AmazonEC2FullAccess” to the role.

Complete the wizard and note the AWS IAM Role ARN.


Step 9: Create AWS Directory Services – AD Connector

In the AWS Management Console, navigate to “Directory Service.”

Click on “AD Connector.”



Choose your AD Connector, then go to the “Networking and security” tab.


In the “Application Management” Enable the Application access URL.

In the “Application Management” Enable AWS Management Console.


Add the user to “myrole” created in the Windows server.


AD connector is connected to the Windows server.




Configuring AWS AD Connector involves seamlessly bridging on-premises Active Directory with AWS Directory Service for unified identity and access management. Ensuring proper DNS configuration and integration with the existing Active Directory are key steps for a successful setup.

This facilitates a hybrid cloud environment, allowing organizations to leverage the benefits of AWS while maintaining a consistent, secure, and centralized user authentication system across both on-premises and cloud infrastructure.

Drop a query if you have any questions regarding AWS AD Connector and we will get back to you quickly.

Making IT Networks Enterprise-ready – Cloud Management Services

  • Accelerated cloud migration
  • End-to-end view of the cloud environment
Get Started

About CloudThat

CloudThat is a leading provider of Cloud Training and Consulting services with a global presence in India, the USA, Asia, Europe, and Africa. Specializing in AWS, Microsoft Azure, GCP, VMware, Databricks, and more, the company serves mid-market and enterprise clients, offering comprehensive expertise in Cloud Migration, Data Platforms, DevOps, IoT, AI/ML, and more.

CloudThat is recognized as a top-tier partner with AWS and Microsoft, including the prestigious ‘Think Big’ partner award from AWS and the Microsoft Superstars FY 2023 award in Asia & India. Having trained 650k+ professionals in 500+ cloud certifications and completed 300+ consulting projects globally, CloudThat is an official AWS Advanced Consulting Partner, AWS Training Partner, AWS Migration Partner, AWS Data and Analytics Partner, AWS DevOps Competency Partner, Amazon QuickSight Service Delivery Partner, Amazon EKS Service Delivery Partner, Microsoft Gold Partner, AWS Microsoft Workload Partners, Amazon EC2 Service Delivery Partner, and many more.

To get started, go through our Consultancy page and Managed Services PackageCloudThat’s offerings.


1. How do I change the default password after launching the Windows Server instance on AWS?

ANS: – Connect to the instance using Remote Desktop Protocol (RDP) and change the password upon login for enhanced security.

2. What AWS IAM role is required for the Windows Server instance, and how do I set it up for Amazon EC2 Full Access in AWS?

ANS: – Create an AWS IAM role for Amazon EC2 in the AWS Management Console, attach the “AmazonEC2FullAccess” policy, and note the AWS IAM Role ARN.

3. Can I configure DNS settings after installing Active Directory on the Windows Server?

ANS: – Yes, use Server Manager to access DNS tools, create Reverse and Forward Lookup Zones, and configure Ethernet settings for optimal DNS functionality.

WRITTEN BY Shubham .

Shubham works as a Research Intern at CloudThat. He is passionate about technology and cloud computing. He is currently pursuing his Bachelor's Degree in Information Technology. In his free time, Shubham enjoys reading books and playing cricket. Shubham's interest in cloud computing led him to pursue a career in AWS Consulting, where he enjoys helping clients solve complex problems and optimize their cloud infrastructure. He constantly learns and stays up to date with the latest AWS technologies and best practices.



    Click to Comment

Get The Most Out Of Us

Our support doesn't end here. We have monthly newsletters, study guides, practice questions, and more to assist you in upgrading your cloud career. Subscribe to get them all!