This content originally appeared on DEV Community and was authored by Wakeup Flower
Amazon FSx for Windows File Server
It’s a fully managed Windows-native file system on AWS.
- It supports SMB protocol (the same used by Windows file shares).
- It integrates with Active Directory (AD) for user authentication and access control.
“Set the Active Directory domain for authentication” — what it means
When you create an FSx for Windows File Server, you must tell AWS how it should handle user authentication and permissions.
FSx doesn’t manage users by itself — instead, it joins an Active Directory domain.
That way, your existing users and groups (from AD) can:
- Authenticate (log in) to the file share.
- Have permissions (read/write/deny) applied using standard NTFS and SMB ACLs.
✅ Two main options:
- AWS Managed Microsoft AD
- You let AWS manage an AD domain.
- FSx joins this domain.
- Users in this AD can access the file system.
- Self-Managed AD (on-premises or in EC2)
- If you already have an AD (on-prem or in the cloud), FSx can be joined to that domain using AWS Directory Service AD Connector.
- This allows your existing corporate AD users to authenticate.
🔎 In practice:
When setting up FSx, you’ll be asked for AD details such as:
- Domain name (e.g.,
corp.example.com) - DNS IPs of your domain controllers
- A service account (with permissions to join machines to the domain)
After FSx joins the domain:
- Users connect like they would to a normal Windows file share (
\\fsxshare\folder). - Authentication and access are handled by AD.
👉 So the phrase means:
When you create an FSx for Windows file system, you must tell AWS which Active Directory domain it should use for user login and access control.
Here’s a clear comparison table for Amazon FSx for Windows File Server vs Amazon EFS in the context of your SharePoint scenario:
| Feature / Requirement | Amazon FSx for Windows File Server | Amazon EFS (Elastic File System) |
|---|---|---|
| Supported Protocol | SMB (Windows file sharing) | NFS (Linux/Unix file sharing) |
| Windows AD Integration | ✅ Fully integrates with Active Directory | ❌ No native AD integration |
| File Semantics | ✅ Windows-native (NTFS, ACLs, locks) | ❌ POSIX permissions only |
| High Availability | ✅ Multi-AZ option available | ✅ Multi-AZ option available |
| Typical Workload | Windows applications, SharePoint, SQL Server | Linux applications, web servers, containers |
| Access from Windows Clients | ✅ Seamless SMB access | ❌ Limited (requires NFS client for Windows) |
| Use Case Fit for SharePoint | ✅ Ideal | ❌ Not suitable |
🔑 Takeaways:
- FSx for Windows File Server is Windows-native and supports AD authentication, making it the correct choice for SharePoint.
- EFS is Linux/NFS-only and cannot natively handle Windows ACLs or AD users, so it doesn’t meet the requirements.
This content originally appeared on DEV Community and was authored by Wakeup Flower
Wakeup Flower | Sciencx (2025-09-20T21:52:02+00:00) What is Active Directory (AD) domain for FSx authentication. Retrieved from https://www.scien.cx/2025/09/20/what-is-active-directory-ad-domain-for-fsx-authentication/
Please log in to upload a file.
There are no updates yet.
Click the Upload button above to add an update.