Amazon FSx for Windows File Server
It’s a fully managed Windows-native file system on AWS.
- It supports SMB protocol (the same used by Windows file shares).
- It integrates with Active Directory (AD) for user authentication and access control.
“Set the Active Directory domain for authentication” — what it means
When you create an FSx for Windows File Server, you must tell AWS how it should handle user authentication and permissions.
FSx doesn’t manage users by itself — instead, it joins an Active Directory domain.
That way, your existing users and groups (from AD) can:
- Authenticate (log in) to the file share.
- Have permissions (read/write/deny) applied using standard NTFS and SMB ACLs.
✅ Two main options:
- AWS Managed Microsoft AD
- You let AWS manage an AD domain.
- FSx joins this domain.
- Users in this AD can access the file system.
- Self-Managed AD (on-premises or in EC2)
- If you already have an AD (on-prem or in the cloud), FSx can be joined to that domain using AWS Directory Service AD Connector.
- This allows your existing corporate AD users to authenticate.
🔎 In practice:
When setting up FSx, you’ll be asked for AD details such as:
- Domain name (e.g.,
corp.example.com) - DNS IPs of your domain controllers
- A service account (with permissions to join machines to the domain)
After FSx joins the domain:
- Users connect like they would to a normal Windows file share (
\\fsxshare\folder). - Authentication and access are handled by AD.
👉 So the phrase means:
When you create an FSx for Windows file system, you must tell AWS which Active Directory domain it should use for user login and access control.
Here’s a clear comparison table for Amazon FSx for Windows File Server vs Amazon EFS in the context of your SharePoint scenario:
| Feature / Requirement | Amazon FSx for Windows File Server | Amazon EFS (Elastic File System) |
|---|---|---|
| Supported Protocol | SMB (Windows file sharing) | NFS (Linux/Unix file sharing) |
| Windows AD Integration | ✅ Fully integrates with Active Directory | ❌ No native AD integration |
| File Semantics | ✅ Windows-native (NTFS, ACLs, locks) | ❌ POSIX permissions only |
| High Availability | ✅ Multi-AZ option available | ✅ Multi-AZ option available |
| Typical Workload | Windows applications, SharePoint, SQL Server | Linux applications, web servers, containers |
| Access from Windows Clients | ✅ Seamless SMB access | ❌ Limited (requires NFS client for Windows) |
| Use Case Fit for SharePoint | ✅ Ideal | ❌ Not suitable |
🔑 Takeaways:
- FSx for Windows File Server is Windows-native and supports AD authentication, making it the correct choice for SharePoint.
- EFS is Linux/NFS-only and cannot natively handle Windows ACLs or AD users, so it doesn’t meet the requirements.
Top comments (0)