SimpleAD is a managed directory service that is powered by a Samba 4 Active Directory Compatible Server. User accounts can be created in SimpleAD to access AWS applications such as AWS Client VPN, Amazon WorkSpaces, Amazon WorkDocs, or Amazon WorkMail.

I have used this service for user authentication in Client VPN. One of the challenges that we faced is that the user management in SimpleAD was very biased to Windows OS and not linux. It was not a good idea to manage a Windows server just to manage users where as all the other applications are running in Linux. After some googling, I came to know about some tools which can be used to manage users in SimpleAD. But none of them are complete or easy to understand. This inspired me to write a post on the same.

Install the packages samba-common, adcli on the Linux OS by which you are trying to manage the AD.

Take note of the Directory domain name and the DNS servers from the AWS SimpleAD console UI. The below example assumes username is the user that we are administering, “password” is the password, vpn.example.com is the directory domain and 192.168.1.2, 192.168.1.3 as the DNS servers for the directory

Create User

Delete User

List users

More adcli commands can be found here