Insight

  • If you’re deeply invested in Active Directory® but need a better way to extend AD identities to the cloud and non-Microsoft® resources, you can layer JumpCloud on top of AD as a universal identity bridge. 
  • JumpCloud’s Active Directory Integration lets you manage access to Mac® and Linux® systems, SaaS apps, cloud computing platforms (e.g., AWS®, GCP®, Azure®), G Suite™, Office 365™, and more, all with AD identities.
  • AD Integration’s true bi-directional sync can write changes back to AD, allowing full AD user lifecycle management from the cloud.

Why Extend Active Directory? 

AD became an IT staple in the early 2000s as part of the Microsoft-dominated enterprise, and it’s been holding on ever since. As the years have progressed, however, more and more areas of IT infrastructure have emerged that aren’t easily compatible with AD:

  • Mac and Linux machines have risen in popularity
  • Infrastructure services and applications have moved to the cloud
  • Employees want to work remotely and through wireless connections

AD just doesn’t have the functionality to connect to all of this on its own, and as a result, many IT resources are poorly managed with multiple identity silos, or they aren’t managed at all. Some IT organizations leverage multiple AD add-on tools to bridge the gap, but those tools have started to add up as the IT resources in organizations grow more diverse.

As a result, many organizations are considering a move away from AD to an entirely new cloud directory service, but in some cases, AD is so deeply ingrained in the IT infrastructure that the challenges of replacing it are just too great. 

Instead of replacing AD, you could maximize its value by securely extending AD identities to a full spectrum of modern IT resources with just one cost-effective cloud identity management platform. 

How JumpCloud’s AD Integration Works

Diagram of How JumpCloud Active Directory Integration Works

AD Integration installs a pair of lightweight agents on the AD server to enable a bi-directional sync between AD and JumpCloud’s Directory-as-a-Service. This means: 

  • Users and groups can be mirrored into JumpCloud’s web-based platform, which in turn connects them to cloud IT resources. 
  • Any updates made to these users or groups in AD are automatically pushed to JumpCloud, eliminating the need for siloed identities that aren’t connected to your core source of truth.
  • Admins can fully manage AD users from the JumpCloud Admin Console — including provisioning new users to AD from JumpCloud. 
  • JumpCloud can write password, user, state, and group attributes back to AD. 
  • Mac users can change their own passwords, which write back to AD.

Benefits of AD Integration

With the AD instance completely connected to your on-prem and cloud-based resources, IT finally regains the level of control once afforded by AD on its own, back when networks were virtually all Windows-based. Access to Mac, Windows, and Linux systems can all be controlled with AD credentials, with the added bonuses of multi-factor authentication and other security features such as managing full disk encryption (FDE). 

Authentication to remote resources can be done without a VPN. Redundant LDAP servers are no longer needed to manage cloud server infrastructure. IT admins can finally manage remote workers. Security is improved due to the removal of identity silos and implementation of a central identity. And instead of cobbling together a patchwork of AD add-ons, you can deploy AD Integration as a single comprehensive solution. 

AD Integration also allows for systems to connect to JumpCloud, simplifying the process of binding Mac or Linux machines to your AD-managed identities for authentication and control. (You can even remotely manage Mac and Linux systems with GPO-like functions and PowerShell.) 

Non-domain-bound Windows machines can also be controlled from JumpCloud, which is an ideal approach for managing remote offices and locations without installing AD instances at each site. 

Essentially, JumpCloud becomes the bridge that connects all of your systems, networks, and applications to the on-prem instance of Active Directory.

Try AD Integration for Free

Check out JumpCloud’s AD Integration and see for yourself how simple it can be to regain control over your IT resources. You can sign up for a free account and test with full functionality for as long as you’d like — the first 10 users are free forever. You can also reach out to us if you have any questions about what AD Integration can do for you.