Installing AD Bridge

System Requirements:
  • Windows Server 2008, 2012 & 2016 (64-bit)
  • 15MB disk space
  • 10MB RAM

Prerequisites:
  • Scheduled Downtime - installation requires reboot
  • Single Active Directory Domain name
  • Internet connectivity
  • AD user with "Read all user information" permissions (using a Domain Admin is not recommended)
  • Your JumpCloud API Key and Organization ID

Required: Install on all DCs in your AD domain

Notes: 
  • The agent currently only supports a single Root domain
  • Do not give the AD "Read all user information" user a username of JumpCloud; as part of the process, you will be required to give a security group the same name, which will cause issues
 
  1. In the JumpCloud Administrator Console, select Directories.
  2. Select AD Bridge.
  3. Select Download AD Bridge Agent. Note the API key provided; it will be needed during installation.
  4. Save the installer to your Domain Controller
  5. Browse to where the file was saved, right-click and Run as administrator
  6. Click Next to continue Setup
  7. Enter your Domain name in Distinguished Name format, e.g., jumpcloud.com would be entered DC=jumpcloud;DC=com. Select Next
  8. Enter your domain user with Read permissions, e.g., jumpcloud\adbridgesvc, and its password, then select Next. If you need further documentation on creating a domain user with Read permissions, please see the footnote
  9. Enter your JumpCloud API Key, select Next
  10. Enter your JumpCloud Organization ID, select Next
  11. Recommended: Leave the install location default
  12. Select Install. When complete, a reboot is required
  13. Post reboot, confirm that JumpCloud AD Bridge Agent with service name adint is in a running status
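
The checks this procedure asks for (step 13 on every DC, the account naming note, and the Domain Admin recommendation) can be scripted. The PowerShell below is an added example, not part of the JumpCloud article or product; it assumes Windows PowerShell 5.1 with the ActiveDirectory module and uses the sample account name adbridgesvc from step 8.

```powershell
# Added example (not JumpCloud code). Assumes Windows PowerShell 5.1 with the
# ActiveDirectory (RSAT) module, run by an account that can query services on the DCs.
Import-Module ActiveDirectory

# Assumption: sample account name from step 8; replace with your own read-only user.
$SvcAccount = 'adbridgesvc'
$domain     = Get-ADDomain

# Step 7 value: the domain DN with ';' separators, following the page's own example.
$installerDn = $domain.DistinguishedName -replace ',', ';'
Write-Output "Domain name for the installer: $installerDn"

# Notes section: the read-only user must not be named JumpCloud.
$user = Get-ADUser -Identity $SvcAccount
if ($user.SamAccountName -ieq 'JumpCloud') {
    Write-Warning "Account is named 'JumpCloud'; this collides with the security group name."
}

# Prerequisites: a Domain Admin is not recommended. RID 512 is Domain Admins;
# -Recursive also catches membership through nested groups.
$daSids = Get-ADGroupMember -Identity "$($domain.DomainSID.Value)-512" -Recursive |
    ForEach-Object { $_.SID.Value }
if ($daSids -contains $user.SID.Value) {
    Write-Warning "$SvcAccount is a Domain Admin; use a delegated read-only account instead."
}

# Step 13, on every DC: the agent service 'adint' should be Running.
$report = foreach ($dc in Get-ADDomainController -Filter *) {
    $svc = Get-Service -Name 'adint' -ComputerName $dc.HostName -ErrorAction SilentlyContinue
    [pscustomobject]@{
        DomainController = $dc.HostName
        AdintStatus      = if ($svc) { "$($svc.Status)" } else { 'NotFoundOrUnreachable' }
    }
}
$report | Format-Table -AutoSize

# Non-zero exit code if any DC is missing a running agent, for use in scheduled checks.
$bad = @($report | Where-Object { $_.AdintStatus -ne 'Running' })
if ($bad.Count -gt 0) { Write-Warning "$($bad.Count) DC(s) without a running adint service."; exit 1 }
```
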

Once installed, move on to configuring AD for use with the AD Bridge.

Footnote: Creating an AD read-only user account
To create the AD read-only user account that JumpCloud uses to query the Active Directory LDAP database: 
  1. Create a new user in "Active Directory Users and Computers"
  2. Right-click Users and select Delegate Control (This opens the "Delegation of Control Wizard")
  3. Click Next to continue to the next page
  4. Add the newly created user to the delegation
  5. Click Next again and select Read all user information
  6. Click Next and you should see that you have successfully completed the Delegation of Control wizard
 

Last Updated: Sep 19, 2018 10:31AM MDT
