Managing access between an employee and their resources on a one-to-many basis becomes more difficult as your organization grows in size and scope. There are too many users and too many IT resources to control. Grouping your users and IT resources is the smart and easy way to deal with this complexity by enabling greater employee onboarding efficiencies to grant, or revoke, access instantly with a click to remove them.
JumpCloud’s Group of Users object allows administrators to establish a collection of users based on arbitrary need, such as the department, role, or level of their employment. The User Group object is responsible for the binding of any and all systems, applications, networks, and storage resources assigned to that particular group, providing instant access. Editing membership, such as removing a user, will have the opposite effect of removing access to the group’s bound resources.
A Group of Systems is an arbitrary collection of Windows, Mac, and Linux systems established by JumpCloud administrators to manage fleets of systems in any particular mixture of operating systems. Policies can also be bound to system groups to govern and control the behavior and configuration of groups of systems for security and compliance reasons.
LDAP Group Sync
JumpCloud User Groups may be designated as LDAP ‘Group of Users’ when leveraging JumpCloud’s LDAP-as-a-Service. Membership changes will be instantly reflected in JumpCloud’s LDAP infrastructure. Thus, ensuring any bound resources receive those changes the resource’s Role Based Access Control (RBAC) settings rely upon.
AD Group Sync
When JumpCloud’s AD Bridge is in use, selected AD Groups will be created and kept in sync with their JumpCloud equivalents, ensuring AD remains as the master authority for group membership.
- Simple interface to group users.
- Specify temporary or permanent access.
- Groups can be connected to specific IT resources.
- Automated provisioning / deprovisioning of accounts to IT resources.
- Each person must still log in with their private credentials.
- Easily control and manage access in bulk to save time.
- Enforce unique access rather than shared credentials for increased security.
- Easily handle guests or grant access temporarily, without having to manually revoke that access when the time is up.
- Centralize access control, no need to duplicate access settings on each resource.
Check out our Getting Started: Groups article in the support documentation to learn more.