AWS whitepapers documentation change
Summary
Updated link text from 'AWS Directory Service' to 'Directory Service' in documentation reference
Security assessment
Change only modifies branding/naming consistency in a documentation link without altering security recommendations or configurations. No security implications identified in the context of trust relationships or authentication mechanisms.
Diff
diff --git a/whitepapers/latest/best-practices-deploying-amazon-workspaces/scenario-6-aws-microsoft-ad-shared-services-vpc-and-a-one-way-trust-to-on-premises.md b/whitepapers/latest/best-practices-deploying-amazon-workspaces/scenario-6-aws-microsoft-ad-shared-services-vpc-and-a-one-way-trust-to-on-premises.md index d92bf9ba2..23901e83b 100644 --- a//whitepapers/latest/best-practices-deploying-amazon-workspaces/scenario-6-aws-microsoft-ad-shared-services-vpc-and-a-one-way-trust-to-on-premises.md +++ b//whitepapers/latest/best-practices-deploying-amazon-workspaces/scenario-6-aws-microsoft-ad-shared-services-vpc-and-a-one-way-trust-to-on-premises.md @@ -25 +25 @@ In this scenario we establish a one-way transitive trust between the AWS Managed -A forest trust is used per Microsoft recommendation to ensure that Kerberos authentication is used whenever possible. Your WorkSpaces receive Group Policy Objects (GPOs) from your resource domain in the AWS Managed Microsoft AD. Furthermore, your WorkSpaces perform Kerberos authentication with your identity domain. For this to work reliably it is best practice to extend your identity domain to AWS as already explained above. We suggest to review the [Deploy Amazon WorkSpaces using a One-Way Trust Resource Domain with AWS Directory Service](https://aws.amazon.com/getting-started/hands-on/deploy-workspaces-one-way-trust/) implementation guide for further detail. +A forest trust is used per Microsoft recommendation to ensure that Kerberos authentication is used whenever possible. Your WorkSpaces receive Group Policy Objects (GPOs) from your resource domain in the AWS Managed Microsoft AD. Furthermore, your WorkSpaces perform Kerberos authentication with your identity domain. For this to work reliably it is best practice to extend your identity domain to AWS as already explained above. We suggest to review the [Deploy Amazon WorkSpaces using a One-Way Trust Resource Domain with Directory Service](https://aws.amazon.com/getting-started/hands-on/deploy-workspaces-one-way-trust/) implementation guide for further detail.