Your company owns an on-premises Microsoft Active Directory.
There is a plan to migrate some legacy applications to AWS, and various AWS services will be used shortly.
Your company decides to use AD Connector to allow the users to access the AWS Management Console and manage AWS resources by logging in with their existing Active Directory credentials.
Which of the following is NOT a benefit of AD Connector?
Click on the arrows to vote for the correct answer
A. B. C. D.Correct Answer: C.
Option A is incorrect because this is an advantage of AD Connector.
Existing on-premises Microsoft Active Directory can still be used for AWS resources.
Option B is incorrect because AD Connector provides an easy way to utilize the existing directory service so that users do not need to configure a new one.
Option C is CORRECT because the compatible AWS applications and services are limited.
Details can be found in https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_connector_app_compatibility.html.
Lambda and RDS SQL are not compatible.
Option D is incorrect because users can still manage the on-premises Active Directory as before, such as by adding new users and groups and updating passwords.
References:
https://docs.aws.amazon.com/directoryservice/latest/admin-guide/what_is.html https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_connector_app_compatibility.htmlSure, I'll be happy to explain each answer option and the overall concept behind using AD Connector in AWS.
AD Connector is an AWS service that allows you to connect your on-premises Microsoft Active Directory to AWS. This connection allows your users to log in to the AWS Management Console using their existing Active Directory credentials.
Now, let's take a look at the answer options:
A. It provides an easy way to connect AWS compatible applications to the existing on-premises Microsoft Active Directory. This answer is correct. AD Connector provides an easy way to connect AWS compatible applications to the existing on-premises Microsoft Active Directory. By doing so, you can manage your AWS resources using your existing on-premises identity systems, and your users do not need to remember and manage multiple sets of credentials.
B. It eliminates the need for directory synchronization or the complexity of hosting a federation infrastructure in AWS. This answer is correct. AD Connector eliminates the need for directory synchronization or the complexity of hosting a federation infrastructure in AWS. By using AD Connector, you can avoid the need to set up and maintain a separate identity and access management system in AWS.
C. AD Connector is compatible with almost all AWS services, including EC2, Lambda and RDS SQL. This answer is correct. AD Connector is compatible with almost all AWS services, including EC2, Lambda, and RDS SQL. By using AD Connector, you can provide access to AWS resources for your users without having to create additional IAM users, groups, and roles.
D. Users can continue to manage the existing Active Directory as before. This answer is incorrect. AD Connector does not allow users to manage the existing Active Directory as before. Instead, it allows users to access AWS resources by logging in with their existing Active Directory credentials. While AD Connector does not change how your Active Directory is managed, it does introduce a new way for your users to access AWS resources.
In summary, AD Connector provides an easy way to connect AWS-compatible applications to your on-premises Microsoft Active Directory, eliminates the need for directory synchronization or the complexity of hosting a federation infrastructure in AWS, and is compatible with almost all AWS services. However, it does not allow users to manage the existing Active Directory as before.