Active Directory Connector for AWS
I would really appreciate some assistance. I am setting up an AWS Managed Microsoft AD connector. It will point back to our Azure O365 office installation. AWS requires very few parameters, but I am running into issues with DNS. The parameters they ask for are:
- Directory DNS Name – This is the DNS domain name from Azure. ad.ourdomain.com
- DNS IP addresses – Use the IP addresses from the IP address on the virtual network. 12.123.12.123
- Service account username and password
Our AD is on Microsoft 365, so in Azure, I can see it as ad.ourdomain.com. I then put in the following DNS records at our provider. The IPs are changed for anonymity.
ad.ourdomain.com A 12.123.12.123
_ldap._tcp.ourdomain.com SRV 0 0 389 ad.ourdomain.com
_kerberos._tcp.ourdomain.com SRV 0 0 88 ad.ourdomain.com
_ldap._tcp.dc._msdcs.ourdomain.com SRV 0 0 389 ad.ourdomain.com
_kerberos._tcp.dc._msdcs.ourdomain.com SRV 0 0 88 ad.ourdomain.com
For the DNS address I went looking for the Azure DNS server address, but found it is the same as the load balancer, which is the same as the ad.ourdomain.com above. I also found that the _ldap / _kerberos aliases need to refer to that IP address.
I would really appreciate someone giving me some advice on what I am doing wrong. Thank you!
My current error is:
Configuration issues detected: SRV record for LDAP does not exist for IP: 10.44.0.2, SRV record for Kerberos does not exist for IP: 10.44.0.2. Please verify existing configuration and retry the operation.
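As an added example (not from the post and not AWS code), a Python model of the prerequisite the error message describes: for each of LDAP and Kerberos, an SRV record under _<service>._tcp.dc._msdcs.<Directory DNS Name> whose target has an A record at the DNS IP given to the connector. The zone data is constructed from the records in the post; the function names and the `expected_zone` host name are assumptions, and the check is a simplification of what the connector actually runs.

```python
from typing import Dict, List, Tuple, Union
Record = Union[str, Tuple[int, int, int, str]]   # A value or (prio, weight, port, target)
Zone = Dict[Tuple[str, str], List[Record]]        # (name, type) -> records

# Constructed zone data mirroring the records in the post (IPs are placeholders).
POSTED_ZONE: Zone = {
    ("ad.ourdomain.com", "A"): ["12.123.12.123"],
    ("_ldap._tcp.ourdomain.com", "SRV"): [(0, 0, 389, "ad.ourdomain.com")],
    ("_kerberos._tcp.ourdomain.com", "SRV"): [(0, 0, 88, "ad.ourdomain.com")],
    ("_ldap._tcp.dc._msdcs.ourdomain.com", "SRV"): [(0, 0, 389, "ad.ourdomain.com")],
    ("_kerberos._tcp.dc._msdcs.ourdomain.com", "SRV"): [(0, 0, 88, "ad.ourdomain.com")],
}

def lookup(zone: Zone, name: str, rtype: str) -> List[Record]:
    """Case-insensitive lookup; a trailing dot on the name is ignored."""
    return zone.get((name.lower().rstrip("."), rtype), [])

def dc_srv_name(service: str, directory_dns_name: str) -> str:
    """DC locator SRV name: _<service>._tcp.dc._msdcs.<Directory DNS Name>."""
    return f"_{service}._tcp.dc._msdcs.{directory_dns_name.lower().rstrip('.')}"

def srv_targets_at_ip(zone: Zone, service: str, directory_dns_name: str, dns_ip: str) -> List[str]:
    """SRV targets for the service whose A record includes the configured DNS IP."""
    srv_name = dc_srv_name(service, directory_dns_name)
    return [target for _prio, _weight, _port, target in lookup(zone, srv_name, "SRV")
            if dns_ip in lookup(zone, target, "A")]

def check_connector_prereqs(zone: Zone, directory_dns_name: str, dns_ip: str) -> List[str]:
    """One issue per service, worded like the connector's error text; empty list means pass."""
    issues = []
    for service, label in (("ldap", "LDAP"), ("kerberos", "Kerberos")):
        if not srv_targets_at_ip(zone, service, directory_dns_name, dns_ip):
            issues.append(f"SRV record for {label} does not exist for IP: {dns_ip}")
    return issues

def expected_zone(directory_dns_name: str, dc_host: str, dc_ip: str) -> Zone:
    """Minimal record set a DC for <Directory DNS Name> publishes (constructed, for comparison)."""
    return {
        (dc_host, "A"): [dc_ip],
        (dc_srv_name("ldap", directory_dns_name), "SRV"): [(0, 0, 389, dc_host)],
        (dc_srv_name("kerberos", directory_dns_name), "SRV"): [(0, 0, 88, dc_host)],
    }

if __name__ == "__main__":
    # The post gives ad.ourdomain.com as Directory DNS Name; its SRV names sit under ourdomain.com.
    print(check_connector_prereqs(POSTED_ZONE, "ad.ourdomain.com", "12.123.12.123"))
    print(check_connector_prereqs(POSTED_ZONE, "ourdomain.com", "12.123.12.123"))
    print(check_connector_prereqs(expected_zone("ad.ourdomain.com", "dc1.ad.ourdomain.com",
                                                "12.123.12.123"), "ad.ourdomain.com", "12.123.12.123"))
```

In practice the zone data to feed this is whatever the DNS server at the configured DNS IP answers (for example the output of dig @<dns-ip> SRV _ldap._tcp.dc._msdcs.<Directory DNS Name>), since that resolver, not the public provider zone, is the one the connector queries.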