25,081 questions
Active Directory Connector for AWS
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 36%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJG%3C/text%3E%3C/svg%3E)
Jeremy Green
101
Reputation points
I would really appreciate some assistance. I am setting up an AWS Managed Microsoft AD connector. It will point back to our Azure O365 office installation. AWS require very few parameters, but I am running into issues with DNS. The parameters they ask for are:
- Directory DNS Name – This is the DNS domain name from Azure. ad.ourdomain.com
- DNS IP addresses – Use the IP addresses from the IP address on virtual network. 12.123.12.123
- Service account username and password
Our AD is on Microsoft 365, so in Azure, I can see it as ad.ourdomain.com. I then put in the following DNS records at our provider. The IPs are changed for anonymity.
ad.ourdomain.com A 12.123.12.123
_ldap._tcp.ourdomain.com SRV 0 0 389 ad.ourdomain.com
_kerberos._tcp.ourdomain.com SRV 0 0 88 ad.ourdomain.com
_ldap._tcp.dc._msdcs.ourdomain.com SRV 0 0 389 ad.ourdomain.com
_kerberos._tcp.dc._msdcs.ourdomain.com SRV 0 0 88 ad.ourdomain.com
For the DNS address I went looking for the Azure DNS server address, but found it is the same as the load balancer, which is the same as the ad.ourdomain.com above. I also found that the _ldap / _kerberos aliases need to refer to that IP address.
I would really appreciate someone giving me some advice on what I am doing wrong. Thank you!
My current error is:
Configuration issues detected: SRV record for LDAP does not exist for IP: 10.44.0.2, SRV record for Kerberos does not exist for IP: 10.44.0.2. Please verify existing configuration and retry the operation.
Microsoft Security Microsoft Entra Microsoft Entra ID
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Marilee Turscak-MSFT 37,206 Reputation points Microsoft Employee Moderator2021-08-23T21:43:45.44+00:00 Please check the troubleshooting guide here that gives the steps for resolving this error. https://docs.aws.amazon.com/directoryservice/latest/admin-guide/ad_connector_troubleshooting.html
Sign in to comment
Sign in to answer