Disabling an AWS Managed Microsoft AD user
Use the following procedure to disable an AWS Managed Microsoft AD user with user and group management or AWS Directory Service Data in either the AWS Management Console, AWS CLI, or AWS Tools for PowerShell.
Important
When you disable a user's account, the user loses any permissions to access their account and applications.
Before you begin either procedure, you need to complete the following:
To use user and group management or AWS Directory Service Data CLI, it must be enabled. For more information, see Enable user and group management or Directory Service Data.
-
You can only enable this feature from the Primary AWS Region for your directory. For more information, see Primary vs additional Regions.
-
You'll need the necessary IAM permissions to use AWS Directory Service Data. For more information, see AWS Directory Service API permissions: Actions, resources, and conditions reference. To get started granting permissions to your users and workloads, you can use AWS managed policies like AWSDirectoryServiceDataFullAccess or AWSDirectoryServiceDataReadOnlyAccess. For more information, see Security best practices in IAM.
You can disable an AWS Managed Microsoft AD user account in the AWS Management Console.
To disable an AWS Managed Microsoft AD user account with the AWS Management Console
-
Open the AWS Directory Service console at https://console.aws.amazon.com/directoryservicev2/
. -
From the navigation pane, choose Active Directory, and then choose Directories. You're directed to the Directories screen where you can view a list of directories in your AWS Region.
-
Choose a directory. You're directed to the Directory details screen.
-
Choose Users. The tab shows a list of users in your directory.
-
Choose the user whose account you want to disable. You're directed to the User details screen.
-
Choose Actions. Then choose Disable user account and Disable user account again.
Note
To re-enable your user's account, you must reset the user's password. For more information, see Resetting and enabling an AWS Managed Microsoft AD user's password.