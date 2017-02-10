You can also use AD Connector to authenticate users in an on-premises AD for access to Amazon WorkSpaces. For each on-premises AD domain that contains user accounts, a separate AD Connector needs to be configured, which means that AD Connector works well for environments with a single on-premises domain, or for proof-of-concept projects.

This feature is available now in all AWS regions where Amazon WorkSpaces is offered. To configure an interforest trust relationship between on your on-premises AD and Microsoft AD on AWS, see the documentation here. Once a trust is established, you can select the domain where your user accounts are managed directly in the Amazon WorkSpaces console, and proceed to provisioning WorkSpaces for your users. If you are using Amazon WorkSpaces API to provision WorkSpaces, you need to append the NETBIOS name (NETBIOSusername), or the domain name (DOMAINusername), to the username in your API call in order to provision WorkSpaces.

Read the entire article here, Amazon WorkSpaces now supports interforest trusts with AWS Microsoft AD for easier user and directory management

