AWS Directory Service
Administration Guide (Version 1.0)

What Gets Created

When you create a directory with Microsoft AD, AWS Directory Service performs the following tasks on your behalf:

  • Sets up Active Directory within the VPC running on two domain controllers for fault tolerance and high availability. If you need more domain controllers, you can add them later. For more information, see Deploy Additional Domain Controllers.

  • Creates a directory administrator account with the user name Admin and the specified password. You use this account to manage your directory


    Be sure to save this password. AWS Directory Service does not store this password and it cannot be retrieved or reset

  • Creates a new AWS Reserved OU to store all AWS specific accounts

  • Creates a security group for the domain controllers.