Active Directory and JumpCloud: A Complete IAM Approach

Active Directory’s Position in the Workplace

IT admins value AD because they can customize it thoroughly, tailor it to AD-reliant applications, and build extensive knowledge of the domain. AD also represents significant investments in time, infrastructure, and licensing for their organizations.

Although AD is powerful in connecting to domain-bound resources, it does not connect natively to cloud and non-Microsoft resources, which are proliferating in the modern age of IT and remote work. This means admins have to maintain “mini” directories essentially, a directory in each application or on each server and each of them require manual access management. Managing more than one directory (and more than one set of identities per employee) and a collection of third-party services and SSO tools is inefficient and insecure.

Cybersecurity research indicates identity and access management (IAM) is critical to organizational security, and the digital identity is at its core.

How JumpCloud’s Active Directory Integration Works

JumpCloud enables tight integration and bi-directional syncing between AD and JumpCloud. Using Active Directory Integration, admins can bring information from AD into JumpCloud and send information from JumpCloud back to AD, including user and group attributes.

The transmission of information between AD and JumpCloud uses lightweight agents, which enable routine syncs. Admins download the agents through the JumpCloud Admin Portal, save and configure them in AD, select which users and groups to sync, and let JumpCloud work in the background. (Learn more about the details of this process in our AD Integration documentation.)

Through the JumpCloud Admin Portal, admins can provision AD users to macOS and Linux systems, web applications, file servers, WiFi networks, and more. They can create users in JumpCloud and provision those new users to AD automatically, as well as control user state through either platform. For example, they can specify that users suspended in JumpCloud are automatically disabled in AD, too.

In essence, admins can leave AD in place, wrap JumpCloud around it, and extend identities anywhere they’re needed via JumpCloud’s LDAP, RADIUS, and SAML protocols. Further, IT admins can start to control and manage their ongoing AD tasks from JumpCloud, with the potential to manage only one IAM platform, but also keep AD intact for their Windows-based resources. Admins then have centralized control over their IAM infrastructure from AD and/or potentially from JumpCloud.

Testing JumpCloud

Now that you’ve read about the Active Directory Integration feature, give it a try yourself. We recommend working in a test environment: You can spin up a virtual domain controller to do so. Otherwise, you can simply launch a JumpCloud Free account and learn more about the interface and features. Although you won’t see the sync in action — you’ll need an AD server either in a test lab or production for that — you’ll still get a feel for what the platform offers you.

Before you take either of these steps, we recommend you start with this seven-minute tutorial video with one of our product managers to get an overview of Active Directory Integration and its setup.