Support Center

Installing the Active Directory Bridge

If your organization was created after Tuesday, April 11, 2017, the Active Directory Bridge is not supported. Contact Support if you need this feature in your organization.

System Requirements:
  • Windows 2008 or 2012 64-bit
  • 15MB disk space
  • 10MB RAM

Prerequisites:
  • Scheduled Downtime - installation requires reboot
  • Single Active Directory Domain name
  • Internet connectivity
  • AD user with "Read all user information" permissions (using a Domain Admin is not recommended)
  • Your JumpCloud API Key

Required: Install on all DCs in your AD domain
Note 1: The agent currently only supports a single Root domain.
Note 2: Do not give the AD "Read all user information" user a username of JumpCloud. As part of the process you will be required to give a security group the same name, and the duplicate name will cause issues.
 
  1. In the JumpCloud Administrator Console, select Directories
  2. Select Download Agent, note the connect key/API Key, then select Download Agent within the dialog.
  3. Save the installer to your Domain Controller
  4. Browse to where the file was saved, right-click and Run as administrator
  5. Click Next to continue Setup
  6. Enter your Domain name in Distinguished Name format, e.g., jumpcloud.com would be entered DC=jumpcloud;DC=com. Click Next
  7. Enter your domain user with Read permissions (e.g., jumpcloud\adbridgesvc) and its password. If you need further documentation on creating a domain user with Read permissions, please see the footnote. Click Next
  8. Enter your JumpCloud API Key. Click Next
  9. Recommended: Leave the install location default. Click Install. Reboot when complete
  10. After the reboot, confirm that the JumpCloud AD Bridge Agent (service name adint) is running
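
A post-install check for the procedure above, added here as an example (it is not JumpCloud's own tooling): it confirms the adint service is running on every DC and that the bridge account is neither named JumpCloud nor a member of an admin group. The account name adbridgesvc is the sample from step 7; checking Enterprise Admins and Administrators in addition to Domain Admins goes beyond what the article states, and the group names assume an English-language domain.

```powershell
# Added example, not JumpCloud's code. Assumes Windows PowerShell 3.0 or later,
# the ActiveDirectory module, and rights to query services on every DC.
Import-Module ActiveDirectory

$BridgeAccount = 'adbridgesvc'   # sample account from step 7; replace with yours
$ServiceName   = 'adint'         # AD Bridge Agent service name from step 10
$findings      = @()

# The agent is required on every DC: report any DC where adint is absent or stopped.
foreach ($dc in Get-ADDomainController -Filter *) {
    $svc = Get-Service -Name $ServiceName -ComputerName $dc.HostName -ErrorAction SilentlyContinue
    if (-not $svc) {
        $findings += "$($dc.HostName): service '$ServiceName' not found or host unreachable"
    } elseif ($svc.Status -ne 'Running') {
        $findings += "$($dc.HostName): service '$ServiceName' is $($svc.Status)"
    }
}

# The bridge account must not be named JumpCloud (a security group is given that name).
$user = Get-ADUser -Identity $BridgeAccount
if ($user.SamAccountName -eq 'JumpCloud') {
    $findings += "Account name 'JumpCloud' collides with the required security group name"
}

# The bridge account should hold delegated read rights only, not admin membership.
# -Recursive also catches membership inherited through nested groups.
foreach ($group in 'Domain Admins', 'Enterprise Admins', 'Administrators') {
    $members = Get-ADGroupMember -Identity $group -Recursive -ErrorAction SilentlyContinue
    if ($members | Where-Object { $_.SID -eq $user.SID }) {
        $findings += "$($user.SamAccountName) is a member of '$group'"
    }
}

if ($findings) {
    $findings | ForEach-Object { Write-Warning $_ }
    exit 1
}
Write-Output "AD Bridge checks passed: '$ServiceName' is running on all DCs and the account is not in the checked admin groups."
```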

Once installed, move on to configuring AD for use with the AD Bridge.

Footnote: Creating an AD read-only user account
To create the AD read-only user account that JumpCloud uses to query the Active Directory LDAP database:
  1. Create a new user in "Active Directory Users and Computers"
  2. Right-click Users and select Delegate Control (This opens the "Delegation of Control Wizard")
  3. Click Next to go to the next page
  4. Add the newly created user to the delegation
  5. Click Next again and select Read all user information
  6. Click Next and you should see that you have successfully completed the Delegation of Control wizard
 

Last Updated: Apr 12, 2017 01:52PM MDT
