- Windows 2008 or 2012 64-bit
- 15MB disk space
- 10MB RAM
- Scheduled Downtime - installation requires reboot
- Single Active Directory Domain name
- Internet connectivity
- AD user with "Read all user information" permissions, using a Domain Admin is not recommended
- Your JumpCloud API Key
Required: Install on all DC's in your AD domain
- The agent currently only supports a single Root domain.
- Do not give the AD "Read all user information" user a username of JumpCloud; as part of the process you will be required to give a security group the same name which will cause issues.
- In the JumpCloud Administrator Console, select Directories
- Select Active Directory Bridge
- Select Download Agent, note the connect key/API Key, select Download Agent within the dialog
- Save the installer to your Domain Controller
- Browse to where the file was saved, right-click and Run as administrator
- Click Next to continue Setup
- Enter your Domain name in Distinguished Name format, e.g.; jumpcloud.com would be entered DC=jumpcloud;DC=com. Click Next
- Enter your domain user with Read permissions, e.g.; jumpcloud\adbridgesvc and password. If you need further documentation on creating a domain user with Read permissions please see the footnote. Click Next
- Enter your JumpCloud API Key. Click Next
- Recommended: Leave the install location default. Click Install. Reboot when complete
- Post reboot, confirm that JumpCloud AD Bridge Agent with service name adint is in a running status
Once installed, move on to configuring AD for use with the AD Bridge.
Footnote: Creating an AD read-only user account
To create the AD read-only user account that JumpCloud uses to query the Active Directory LDAP database:
- Create a new user in "Active Directory Users and Computers"
- Right-click Users and select Delegate Control (This opens the "Delegation of Control Wizard")
- Click Next to segue to the next page
- Add the newly created user to the delegation
- Click Next again and select Read all user information, as follows:
- Click Next and you should see that you have successfully completed the Delegation of Control wizard