- Windows Server 2008, 2012 & 2016 (64-bit)
- 15MB disk space
- 10MB RAM
- Scheduled Downtime - installation requires reboot
- Single Active Directory Domain name
- Internet connectivity
- AD user with "Read all user information" permissions, using a Domain Admin is not recommended
- Your JumpCloud API Key and Organization ID
Required: Install on all DC's in your AD domain
- The agent currently only supports a single Root domain
- Do not give the AD "Read all user information" user a username of JumpCloud; as part of the process, you will be required to give a security group the same name which will cause issues
- In the JumpCloud Administrator Console, select Directories.
- Select AD Bridge.
- Select Download AD Bridge Agent, note the API key provided will be needed during installation.
- Save the installer to your Domain Controller
- Browse to where the file was saved, right-click and Run as administrator
- Click Next to continue Setup
- Enter your Domain name in Distinguished Name format, e.g.; jumpcloud.com would be entered DC=jumpcloud;DC=com, select Next
- Enter your domain user with Read permissions, e.g.; jumpcloud\adbridgesvc and password. If you need further documentation on creating a domain user with Read permissions please see the footnote, select Next
- Enter your JumpCloud API Key, select Next
- Enter your JumpCloud Organization ID, select Next
- Recommended: Leave the install location default
- Select Install. When complete, Reboot is required
- Post reboot, confirm that JumpCloud AD Bridge Agent with service name adint is in a running status
Once installed, move on to configuring AD for use with the AD Bridge.
Footnote: Creating an AD read-only user account
To create the AD read-only user account that JumpCloud uses to query the Active Directory LDAP database:
- Create a new user in "Active Directory Users and Computers"
- Right-click Users and select Delegate Control (This opens the "Delegation of Control Wizard")
- Click Next to segue to the next page
- Add the newly created user to the delegation
- Click Next again and select Read all user information, as follows:
- Click Next and you should see that you have successfully completed the Delegation of Control wizard