Support Center

Configuring Tags for LDAP Group Presentation

If your organization was created after Tuesday, April 11 2017, see Create LDAP Groups


JumpCloud's Tags can act as a grouping mechanism when leveraging the product's LDAP-as-a-Service (LaaS). As described in this article, Tags provide the capability to bind users to systems, but also can act as a simple group membership object leveraged when applications are tethered to JumpCloud through LDAP, effectively making Tags look like the LDAP groupOfNames object. The following instructions will walk you through how this operates.


  1. Login to as a JumpCloud Administrator user
  2. From the left navigation, click Tags
  3. Click the + symbol to create a new Tag
  4. Provide the Tag an applicable name, and ensure that Create LDAP groups for this tag is checked on the Details tab

  5. To add members to this Tag group click the Users tab.  (Note: The Systems tab may remain unconfigured for LDAP.  Tags may serve multiple purposes however, so if you would like to present to LDAP a Tag which has Systems and Users associated, this is supported)
  6. Click the checkbox for all Users you would like included in the LDAP tag and click save tag

  7. With the Tag group saved you may now test LDAP membership

Testing Your Configuration

A simple method for confirming your setup is functional would be by performing an ldapsearch.  Below we have provided an example output from running queries using ldapsearch, and in particular have bolded the memberOfportion that reflects a user's association to the newly created LDAP Tag outlined above. 

Note 1: Refer to 
Using ldapsearch with JumpCloud for more information on performing an ldapsearch using JumpCloud LaaS
Note 2In running ldapsearch it is assumed that LDAP has been properly turned on through JumpCloud.  Refer to Using JumpCloud's LDAP-as-a-Service for more information

# cbaker, Users, REMOVED,
dn: uid=cbaker,ou=Users,o=REMOVED,dc=jumpcloud,dc=com
objectClass: top
objectClass: person
objectClass: organizationalPerson
objectClass: inetOrgPerson
objectClass: shadowAccount
objectClass: posixAccount
objectClass: jumpcloudUser gidNumber: 130008
sn: Baker
cn: Chip Baker
uid: cbaker
uidNumber: 130008
loginShell: /bin/bash
homeDirectory: /home/cbaker
givenName: Chip
memberOf: cn=Jira Users,ou=Users,o=REMOVED,dc=jumpcloud,dc=com

Last Updated: Apr 07, 2017 11:33AM MDT

Related Articles
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
Invalid characters found