Active Directory® Integration

Extend AD Identities to Modern Resources

JumpCloud’s Active Directory Integration extends AD identities from on-prem domain controllers to IT resources that are challenging to bind with AD. The integration enables users to securely log in to cloud-based and non-Microsoft resources with their AD credentials. Through JumpCloud’s AD Integration solution, administrators gain better control, security, and freedom of choice over IT resources.

Get AD Integration

Authenticate AD users with remote macOS®, Windows®, and Linux® endpoints

Users imported from AD can be provisioned as local accounts on Windows, Mac, and Linux systems that are not directly bound to Active Directory. Further, take advantage of the complete array of JumpCloud’s system management features such as GPO-like policy management for Mac and Windows, script execution, multi-factor authentication, all without requiring the need for a VPN connection for check-ins and updates.

Sync AD users to G Suite™ and Azure® AD / Office 365®

JumpCloud’s AD Integration enables a continual sync from AD to G Suite or Azure AD / Office 365 identities without the need for installing and managing middleware utilities such as Google Cloud Directory Sync or Azure AD Connect. JumpCloud® Directory-as-a-Service® will securely transmit all password and account profile changes directly from Active Directory to those services to keep them in constant sync.

Extend AD users to apps and services through JumpCloud’s cloud-based LDAP, RADIUS, and SAML auth services

Imported AD user accounts and groups can leverage JumpCloud’s vast array of cloud-based protocols. JumpCloud’s cloud RADIUS services can simplify connecting users to wireless or VPN networks with no need for on-prem RADIUS servers. Leverage JumpCloud’s LDAP endpoint to bind AD user identities to on-prem and cloud-based resources requiring standard OpenLDAP authentication. These LDAP-based applications can include Jira® or Jenkins®, NAS devices like Synology® or QNAP®, and thousands of others. You may also leverage the ability to use JumpCloud’s array of SAML 2.0-authenticated portfolio of business-focused web apps, federating AD user identities with no need for ADFS or other AD add-ons like IDaaS solutions or web application SSO platforms.

Bi-directional synchronization with Active Directory

AD Integration

AD Import - AD to JumpCloud Group and User Account Import

Import AD user accounts and their group membership into JumpCloud and leverage the complete array of authentication protocols and services. JumpCloud’s AD Import Domain Controller agent will keep changes in constant sync from password changes to account profile changes to group membership.

AD Sync - JumpCloud Data Writeback to Active Directory

As an add-on capability, JumpCloud allows for the continuous synchronization of a user’s password with Active Directory. The AD Sync Domain Controller agent will enable users or administrators to change their passwords from the JumpCloud User and Admin portals or from JumpCloud-managed computers and workstations and securely write that information back to AD.

Screenshots

AD Integration
AD Integration
Imported User
Imported User
Imported User Group
Imported User Group
Change AD Password from macOS
Change AD Password from macOS

Learn more about the AD Integration feature by visiting our "Using AD Integration" article in the support documentation.


Features

  • Active Directory-to-JumpCloud User and Group Synchronization.
  • Add-on: Jumpcloud-to-Active Directory ‘AD Sync’ for passwords updating and writeback.
  • Authentication services for remote/unbound Mac, Linux, and Windows systems.
  • Authenticate AD user accounts through JumpCloud’s cloud-based LDAP, RADIUS, and SAML services.
  • MFA services for JumpCloud synchronized user accounts and for Mac and Linux access.
  • Supports Active Directory on Windows Server 2008, 2012, and 2016.

Benefits

  • Maximize your investment in Active Directory: Extend AD identities to cloud apps, VPN, wireless networks, servers in AWS®, Google Cloud, and more.
  • One identity for a user to access virtually everything they need: mix modern with legacy infrastructure.
  • Self-service password updating with AD Sync to provide users with computer-based or web-based password modifications of their AD credentials.
  • Abstract the differences of macOS, Windows, and Linux by controlling them with a simple, point-and-clink, management interface.
  • Simplify authentication to remote and non-supported resources unconnected to AD without VPN.
  • Improve security by reducing identity silos and connecting all resources to AD mastered identities.
  • Eliminate the need for SSO tools, along with on-prem, redundant LDAP and RADIUS servers to manage hosted server and networking infrastructure.