Get Started: Active Directory Integration (ADI)

JumpCloud is an open directory platform that allows you to manage and secure user identities across multiple protocols, devices, and resources. JumpCloud can integrate with Active Directory Domain Services (AD) using the JumpCloud Active Directory Integration (ADI). ADI enables the syncing of users, groups, and passwords between JumpCloud and on-premise or off-premise AD in flexible configurations to support your specific use case, goals, and AD environment.

This article series presents the different configurations, workflows, and frameworks for leveraging the ADI and JumpCloud 

ADI Configurations and Use Cases

ADI can be configured to support a variety of use cases.  The three (3) most common use cases for ADI are:

  • Extending your AD instance to support additional capabilities in the cloud and greater flexibility.
  • Minimizing your AD footprint without replacing your current implementation.
  • Migrating away from AD completely.

There are three (3) possible ADI configurations for syncing data between AD and JumpCloud.  

There is also an Active Directory Migration Utility (ADMU) for migrating device management from AD to JumpCloud.

JumpCloud Terminology & Glossary

Active Directory Integration (ADI)

The full integration that enables the syncing of users, groups, and passwords between JumpCloud and AD. The integration consists of two agents: the Import Agent and the Sync Agent. The integration can be configured to use one or both of the agents. Your use case determines which agents are required, the direction of the sync, and which system is the authority.

Active Directory Migration Utility (ADMU)

The JumpCloud Active Directory Migration Utility (ADMU) is a tool that automates the migration of AD domain users to JumpCloud managed users. The utility converts a Windows non-local domain user profile to a local profile, simultaneously leaving the domain and installing JumpCloud.

Import Agent

JumpCloud’s lightweight agent that imports user identities and certain security groups from AD to JumpCloud. It can also be configured to import passwords if installed on DCs. It can be installed on all the DCs or on one or more member servers. Every 90 seconds, this agent sends to JumpCloud all user, group, and, if applicable, password changes that have occurred in AD since the last sync.

Note:

There may be references to an older term, AD Bridge Agent, in some configurations and logs.

Sync Agent

JumpCloud’s lightweight agent that pulls user identities, user groups, and passwords from JumpCloud to AD. It can be installed on one or more Domain Controllers (DCs) or member servers within an AD environment. This agent contacts JumpCloud from the server(s) every 90 seconds to get all changes that have occurred in JumpCloud since the last sync, for any users and user groups connected to the ADI in JumpCloud.

Primary Identity Provider (IdP)

The directory that is considered the source of truth, that is, the primary or authoritative directory for credentials and user identities.

Forest

A stand-alone instance of AD that contains a collection of one or more domains and acts as the security boundary within an AD environment.

Domain

A single AD domain within a forest that contains a collection of users, security groups, and other AD objects that share a domain name.

Multiple/Sub Domains

Two or more AD domains within a single forest. 

Organizational Unit (OU)

Containers of objects within AD's logical structure in which security groups and users reside and can be nested. OUs are important within the ADI configuration as they are the search base used by the JumpCloud Import and Sync Agents. 

ADI Security Group

The Security Group that you create during the ADI Import installation process and that the JumpCloud Import Agent uses to determine which users and groups to sync from AD to JumpCloud. You create this Security Group by following the instructions in the Configuration article. Only members of this group are synced between AD and JumpCloud.

Root User Container

The main container or path in which all of the target users you’d like to integrate with JumpCloud reside. This can be a top-level OU, a sub-level OU, or the default “Users” container within AD. JumpCloud’s ADI is configured to reference this as the Root User Container in which all users integrated with JumpCloud should reside. The AD Import and Sync agents use this Root User Container as a search base by default. If users are outside of the Root User Container, or its sub-level OUs, but are bound to the JumpCloud ADI Security Group, then user identity or credential issues may arise between JumpCloud and AD.
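
One way to check for the condition described above before enabling the sync, as an added example that is not JumpCloud's own tooling: a read-only PowerShell audit that lists users who are members of the ADI Security Group but whose distinguished name lies outside the Root User Container. The group name and container DN are placeholders, and the ActiveDirectory (RSAT) module is assumed to be installed.

```powershell
# Added example: audit ADI Security Group membership against the Root User Container.
# Read-only; requires the ActiveDirectory module (RSAT).
Import-Module ActiveDirectory

$AdiGroup      = 'JumpCloud-ADI-Group'         # placeholder: your ADI Security Group
$RootContainer = 'OU=Staff,DC=example,DC=com'  # placeholder: your Root User Container DN

function Test-DnUnderContainer {
    param([string]$DistinguishedName, [string]$Container)
    # Split on commas that are not backslash-escaped, so "CN=Doe\, Jane" stays one RDN.
    # (A literal backslash directly before a separator comma is not handled here.)
    $dn   = @([regex]::Split($DistinguishedName, '(?<!\\),') |
              ForEach-Object { $_.Trim().ToLowerInvariant() })
    $root = @([regex]::Split($Container, '(?<!\\),') |
              ForEach-Object { $_.Trim().ToLowerInvariant() })
    # An object inside the container has more RDNs than the container itself.
    if ($dn.Count -le $root.Count) { return $false }
    # Compare the object's trailing RDNs with the container's, component by component,
    # so the container and any of its sub-level OUs match but sibling OUs do not.
    $tail = @($dn[($dn.Count - $root.Count)..($dn.Count - 1)])
    return (($tail -join ',') -eq ($root -join ','))
}

# -Recursive expands nested groups and returns the leaf members.
$outside = Get-ADGroupMember -Identity $AdiGroup -Recursive |
    Where-Object { $_.objectClass -eq 'user' } |
    Where-Object { -not (Test-DnUnderContainer $_.distinguishedName $RootContainer) } |
    Select-Object SamAccountName, distinguishedName

if ($outside) {
    Write-Warning "Members of '$AdiGroup' outside '$RootContainer':"
    $outside | Format-Table -AutoSize
} else {
    Write-Output "All user members of '$AdiGroup' are under '$RootContainer'."
}
```

Any account this reports should be moved under the Root User Container or removed from the ADI Security Group before it is synced.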

Learn More

Ready to Configure?

Check out the next article in this document series, Configure the Active Directory Integration (ADI), to get an overview of the implementation steps for the use case you want to implement within your AD Domain and environment and links to the configuration articles for each use case. 

Want additional assistance from JumpCloud? 

If you’re having issues with getting JumpCloud’s ADI working, try the Troubleshoot: ADI article.

JumpCloud now offers myriad professional services offerings to assist customers with implementing and configuring JumpCloud. If you’re looking for assistance with migrating from AD or integrating AD with JumpCloud, we recommend you reach out to JumpCloud’s Professional Services team on the following page: Professional Services - JumpCloud.
