Support Center

Getting Started: Groups

JumpCloud® user and system groups let you perform group-based assignments on resources. User groups grant users access to resources. System groups pool together your systems for policy enforcement and user account provisioning at scale. For user groups, connect the distinct resources you want to let users access (applications, LDAP resources, networks and more). For system groups, connect the user groups you want to provide bulk-access to, and assign system policies en masse.

This KB covers:

Groups of Users

To create a group of users, individual users should be created first, see Getting Started: Users.

1 - Create a User Group

To create a user group
:
  1. Log in to the JumpCloud Admin Portal:  https://console.jumpcloud.com/login.
  2. Go to Groups.
  3. Click ( + ), then select Create Group of Users.
The New User Group panel appears.



On this panel you can define:
  • Group Name:  This is an arbitrary descriptive value for the group's purpose.
  • Create Linux group for this user group: (Optional) If enabled, Linux® group name and Group GID must be defined. Members of this group will be added to new or existing Linux groups on supported OS's. If the group is bound to LDAP, it will be added to the posixGroup objectClass. 
  • Samba Authentication: (Optional) Enables LDAP Samba Schema, see Enabling Samba with JumpCloud LDAP for more information
Note: Linux group name currently doesn't support hyphens.
 

2 - Add Users to the Group

Next, add users to the group.  

To add users to the group:
  1. On the New User Group panel, click the Users tab.
  2. Select users in the list.
  3. Click save group.



3 - Connect the Group to Resources

After you add users to the group, you can connect the group to one or more resources. Access to all resources is implicitly denied by default. To grant access, groups must be explicitly bound to resources. You can connect the following resources to groups of users:
  • A Group of Systems - Connecting a group of users to a group of systems will also be reflected in the Groups panel Users tab.
  • SSO applications 
  • RADIUS servers
  • Directories (G Suite, Office 365, JumpCloud LDAP)
It's important to determine a connection scheme according to the access needs of your organization. It may be best to create a group to connect to a single type of resource. For example, a group of developers that are bound to system group that contains production infrastructure.

If the use case requires that a specific user group should also have unique access to another resource such as a RADIUS-enabled WAP, then it can make sense to connect the user group to multiple resource types, but doing so could limit the amount of control in the future if access needs to be segregated; removing or adding users to the group would grant or revoke access to all of the resources the group is bound to.

To connect the user group to resources:
  1. Log in to the JumpCloud Admin Portal:  https://console.jumpcloud.com/login.
  2. Go to Groups.
  3. Select a group of users from the list of groups.
  4. On the user panel, click the tab that corresponds to the type of resource you want to connect to the user group. You can select System Groups, Applications, RADIUS, or Directories.
  5. Select the resources you want to connect to the user group, then click save group.
 

Group of Systems

To create a group of systems, systems should be added first, see Getting Started: Systems.

1 - Create a System Group

To create a user group:
  1. Log in to the JumpCloud Admin Portal:  https://console.jumpcloud.com/login.
  2. Go to Groups.
  3. Click ( ), then select Create Group of Systems.


The New System Group panel appears.



On this panel you can define:
  • Group Name:  This is an arbitrary descriptive value for the group's purpose.
Next, define the systems that should belong to the group.  

2 - Add Systems to the Group

To add systems to the group
:
  1. On the New User Group panel, click the Systems tab.
  2. Select systems in the list.
  3. Click save group.


3 - Connect the Group to Users

After you define the group systems, you can connect the group to one or more user groups. As previously described, access to all resources is implicitly denied by default. To grant access, groups must be explicitly bound to resources. 

To connect the system group to a group of users:
  1. On the New User Group panel, click the User Groups tab.
  2. Select one or more user groups in the list.
  3. Click save group.
More Information
Find more information about groups in the JumpCloud KB's User and Group Management section and by watching the following video.

 

Last Updated: Mar 08, 2019 11:05AM MST

Related Articles
31b11a79e2c94470a66430cfe6d3eecd@jumpcloud.desk-mail.com
https://cdn.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete