By Zach DeMeyer Posted August 7, 2019
Integration of non-Windows® resources like Mac® and Linux® systems into Active Directory® (AD) can be a major headache for IT admins. Binding to cloud infrastructure (e.g. AWS®) as well as networking equipment such as WiFi and VPNs, also presents a challenge for AD. Add on top of that the host of web applications being used by today’s organizations such as G Suite™ and Office 365™, and IT admins have quite a load on their plates. How can an IT admin integrate it all seamlessly?
To solve this issue, JumpCloud® is enhancing its AD Integration feature, a feature which provides object and password synchronization with Microsoft’s Active Directory. Initially, JumpCloud’s AD Integration would enable the importation of user and group objects from AD to JumpCloud’s cloud-directory, providing AD users a way to authenticate against resources, like a Linux server hosted at AWS for example, that weren’t ‘directly’ bound to AD itself.
What is AD Sync?
In this latest release, the AD Sync add-on to this Integration solution allows for passwords to be pushed back into AD. This provides new workflows for employees, such as the ability to modify their corporate password from their MacBook, and have that new password pass securely back through to AD itself.
How Does AD Sync Work?
AD Sync is a daemon/agent which is installed on the Windows Servers designated as the Active Directory domain controller. Once installed on the appropriate AD servers, the AD Sync agent will securely listen for inbound password changes coming to AD from JumpCloud (e.g. from a JumpCloud-managed Mac system or JumpCloud’s user or administrative portals) and write those securely into Active Directory. That way, end users can update their AD/JumpCloud-managed password entirely by themselves without relying on their sysadmin to make any changes in their AD instance.
With the AD Integration platform, JumpCloud admins using AD can extend the on-prem directory service to the various non-Windows and/or cloud solutions their end-users need and enjoy complete, round-trip, password synchronization between AD and JumpCloud. The addition of AD Sync helps cut down on password-related support tickets, all while enabling end users with self-serve password modification.
How Do I Use AD Sync?
In order to utilize AD Sync, admins will first need to have the current JumpCloud AD Integration agent, called AD Import, in use within their organization. The AD Import agent will provide the means to select the users and groups within AD you want to keep synchronized with JumpCloud.
With AD Import managing the user and group synchronization, the AD Sync agent is installed to work in conjunction with the existing AD Import agent to write passwords back to AD from JumpCloud resources. Once installed, users will be able to update their passwords from the JumpCloud Mac system app, or from the JumpCloud user portal, and have these passwords sync with AD. Passwords updated by admins in the JumpCloud Admin Console will be written back to AD as well.
Try AD Sync Today
AD Sync is available as a premium feature with the JumpCloud Directory-as-a-Service Pro plan. If you are interested in trying AD Sync, you can find the feature under AD Integration under the Directories. Want to learn more? Contact your Customer Success Manager.
Not a JumpCloud Customer?
If you’ve never heard of JumpCloud, but would like to use a cloud directory service in tandem with your Active Directory instance, why not try JumpCloud Directory-as-a-Service® for free? A JumpCloud account includes ten complimentary users in the platform, and access to everything Directory-as-a-Service provides. If you would like to learn more about AD Sync, AD Integration, or JumpCloud in general, please contact us.