Network configuration for AWS AD Connector

Network problems are common when configuring AWS AD Connector, and because AD Connector hides some of its network details, the root cause is often hard to find. This article sorts out AD Connector's network configuration.

First, be clear that AD Connector is a proxy for Microsoft Active Directory. IAM can connect to an existing AD server through it, so that users can log in to certain AWS services with their own AD domain accounts. Note in particular that AD Connector itself has to be hosted on servers (you must select a size according to load when creating it: small / large) and therefore has corresponding IP addresses, although we cannot log in to those servers (as with MWAA and MSK, it is a managed service that has physical nodes you cannot log in to).

Once it is clear that the AD Connector needs to be assigned IP addresses, many issues become easier to understand. One step of the AD Connector creation wizard is to select subnets for the AD Connector, usually two subnets:

AD_Connector_1

Accordingly, after creation the AD Connector requests an IP address in each of the two subnets (it cannot be determined whether an HA architecture is built across the two subnets). The IP addresses can be viewed on the details page after creation:
AD_Connector_2
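
The same addresses can also be read from the Directory Service API (`ConnectSettings.ConnectIps`) and matched against the subnets chosen in the wizard. The Python below is an added example, not code from the original article; the sample response, IDs and CIDRs are constructed, and `connector_ips_by_subnet` and `fetch_live` are hypothetical helper names.

```python
import ipaddress

# Constructed sample shaped like one entry of the Directory Service
# DescribeDirectories response for an AD Connector (all values are made up).
SAMPLE_DIRECTORY = {
    "DirectoryId": "d-0000000000",
    "Type": "ADConnector",
    "Size": "Small",
    "DnsIpAddrs": ["10.10.0.10", "10.10.0.11"],  # DNS servers of the existing AD
    "ConnectSettings": {
        "VpcId": "vpc-00000000",
        "SubnetIds": ["subnet-aaaa0000", "subnet-bbbb0000"],
        "AvailabilityZones": ["us-east-1a", "us-east-1b"],
        "ConnectIps": ["172.31.16.25", "172.31.32.40"],  # the connector's own IPs
    },
}
# Constructed subnet CIDRs, keyed by subnet ID (as EC2 DescribeSubnets reports).
SAMPLE_SUBNETS = {
    "subnet-aaaa0000": "172.31.16.0/20",
    "subnet-bbbb0000": "172.31.32.0/20",
}


def connector_ips_by_subnet(directory, subnet_cidrs):
    """Map each AD Connector IP to the selected subnet that contains it.

    An IP that falls in none of the selected subnets maps to None.
    """
    if directory.get("Type") != "ADConnector":
        raise ValueError("not an AD Connector directory")
    settings = directory["ConnectSettings"]
    nets = {sid: ipaddress.ip_network(subnet_cidrs[sid])
            for sid in settings["SubnetIds"]}
    placement = {}
    for ip in settings["ConnectIps"]:
        addr = ipaddress.ip_address(ip)
        placement[ip] = next((sid for sid, net in nets.items() if addr in net), None)
    return placement


def fetch_live(directory_id):
    """Fetch the same two inputs from AWS (needs boto3 and credentials)."""
    import boto3  # imported lazily so the offline sample runs without it
    ds, ec2 = boto3.client("ds"), boto3.client("ec2")
    d = ds.describe_directories(DirectoryIds=[directory_id])["DirectoryDescriptions"][0]
    subnets = ec2.describe_subnets(SubnetIds=d["ConnectSettings"]["SubnetIds"])["Subnets"]
    return d, {s["SubnetId"]: s["CidrBlock"] for s in subnets}


if __name__ == "__main__":
    for ip, subnet in connector_ips_by_subnet(SAMPLE_DIRECTORY, SAMPLE_SUBNETS).items():
        print(f"{ip} -> {subnet}")
```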


Origin blog.csdn.net/bluishglc/article/details/133710006