Subscribe to Help Center RSS Feed2024-03-21 ADI Release Notes
AD Sync Agent v4.11.1
Bug fix
- AD Sync Agent replaced sAMAccountName (SAM) with UserPrincipalName (UPN) even when the AD Import Agent was configured to use the UPN instead of the SAM for the username value.
Installer changes
- Logo update
2024-02-06 ADI Release Notes
Admin Portal
New ADI Directory Insights (DI) Events
| DI Event | Description | Notes |
|---|---|---|
| activedirectory_agent_inactive | Logged when an agent is marked as inactive. This occurs when the agent stops responding to the heartbeat check or the agent service being stopped on the server. | New event |
| activedirectory_agent_active | Logged when an agent successfully registers for the first time. | New event |
| activedirectory_primary_agent_switch | Logged when an agent is marked as the primary agent if a primary doesn’t exist or the agent that was primary becomes inactive. | Updated to include hostname, version, source_ip, host_type, host_os_version |
| activedirectory_agent_activate | Logged when an agent becomes active from an inactive state. | Updated to include hostname, version, source_ip, host_type, host_os_version |
Additional information captured in ADI Directory Insights (DI) Events
- host_type and host_os_version logged in all ADI import and sync agent DI events
AD Import Agent v2.6.0
Installer changes
- The installation wizard no longer prompts for selecting LDAPS or LDAP when installing the agent on a domain controller (DC),
Logging changes
- LDAPS error suppressed in event log when LDAP allowed
AD Sync Agent v4.10.0
Installer changes
- The installation wizard no longer prompts for selecting LDAPS or LDAP when installing the agent on a domain controller (DC),
Logging changes
- Email and username added back to the sync agent logs
- LDAPS error suppressed in event log when LDAP allowed
2023-12-06 ADI Release Notes
Support for Windows Server 2022
- Windows Sever 2022 is an officially supported OS version for the integration.
Admin Portal
New functionality
- Count of agents installed is shown in the Details tab
- The count of each type of agent installed, sync and import, is shown in the configuration sections in the Details tab.
- Configuration selection saved
- The configuration checked on the Details tab is saved and remains checked after closing and reopening the ADI domain instance configuration
ADI Service
- High availability configurations supported for AD sync agents.
- Multiple AD sync agents can be installed. In this configuration, one agent will be designated as the primary agent by the ADI service. All create and change requests are sent to that agent. If that agent becomes unavailable, another active sync agent is designated as the primary.
2023-10-26 ADI Release Notes
Admin Portal
- Updated domain creation modal
- References to multi-domain configurations not being supported were removed.
- LDAP domain name formatting validation added to prevent the integration from failing or having unexpected behavior.
- Updated Details tab
- Added sections for the 3 typical integration configurations to help Admins understand which agents need to be installed based on their specific use cases and where they want to manage users, groups, and passwords.
- New ADI Directory Insights Events
- More events logged to provide increased visibility into the changes made and changes attempted by the AD import agent and more information for self-remediation of errors.
AD Import Agent v2.2.1
New functionality
- Installation flexibility when configuring the integration for two-way sync
- The AD import agent can be installed on one or more member servers instead of all DCs when JumpCloud is the password authority. This reduces the number of agents that need to be managed and removes the requirement to install the agent on all DCs in certain cases.
Security enhancements
- LDAP only used when specifically allowed and security risks acknowledged
- AD Import Service Account credentials moved to the registry
- AD Import Service Account username & password stored in registry instead of the AD import agent configuration file.
- API key for integration moved to the registry
- ADI API key stored in registry.
- General service improvements
Integration Observability
- New and updated ADI Directory Insights Events
- More events logged to provide increased visibility into the changes made and changes attempted by the AD import agent and more information for self-remediation of errors
| DI Event | Event Description |
|---|---|
| idsource_create | Logged when a import agent shows as online and running in the Domain Agents tab for the ADI in the JumpCloud Admin Portal |
Quality of life improvements
- Single location for all AD import related files
- All AD import related files & configs are in C:\Program Files\JumpCloud\AD Integration\JumpCloud AD Import.
- Consistent file naming
- More descriptive and consistent import agent service name
- References to AD Bridge removed
- All references to AD Bridge changed to AD Import.
- AD import agents can be updated
- Installer will detect existing agent installations and update. Previously, new versions required an uninstall and reinstall of the agents.
Bug fixes
- Fixed External Password Expiration Date Field not being cleared when UserExpireAction was set to ‘maintain’ in the AD import agent configuration file.
Installer UI
- Updated branding in the installation wizard
AD Sync Agent v4.5.1
New functionality
- Support for managing users, groups, and passwords from JumpCloud
- AD Sync agent can be installed independently of the AD Import Agent, reducing the number of agents and services that need to be managed.
- Admins can uninstall the import agent that was required by previous versions
- Installation flexibility
- The AD sync agent can be installed on one or more member servers instead of DCs for all use cases and configurations. This removes the requirement to install the agent on all DCs in certain cases.
- New security groups created in AD from JumpCloud
- Groups assigned to the JumpCloud ADI will automatically get created in the Root User Container specified for the integration, enabling complete security group management in AD from JumpCloud.
- New JSON configuration file for the AD sync agent
- Added a JSON config file for new configuration settings available for the AD sync agent, domain controller address and flag for allowing insecure connection (use of LDAP).
Changes to existing functionality
- Staged users in JumpCloud no longer provisioned to AD
- Users in the staged user state are no longer created in AD. These users are only created when their user state is changed to active.
Security enhancements
- LDAP only used when specifically allowed and security risks acknowledged
- Connect key value is masked in the registry
- The connect key value stored in the registry is masked when the JumpCloud AD Integration Sync services starts.
- General service improvements
Integration Observability
- New and updated ADI Directory Insights events
- Added more events to provide increased visibility into the changes made and changes attempted by the AD import agent and more information for self-remediation of errors
- Updated the existing activedirectory_agent_create event including more information in the event listing and event summary
| DI Event | Event Description |
|---|---|
| user_update_password_provision | Logged by the AD sync agent when password attributes changes are made or attempted in AD |
| activedirectory_agent_create | Logged when an AD sync agent is downloaded from JumpCloud Admin Portal and the agent is added in an inactive/pending status in the Domain Agents tab for the ADI |
| activedirectory_agent_activate | Logged when an AD sync agent shows as online and running in the Domain Agents tab for the ADI in Admin Portal |
Quality of life improvements
- Single location for all AD sync related files
- All AD sync related files, logs and config are in C:\Program Files\JumpCloud\AD Integration\JumpCloud AD Sync.
- Consistent file naming
- More descriptive and consistent sync agent service name
Bug fixes
- Staged users are no longer suspended in JumpCloud when both the AD import and AD sync agents are installed and running.
Installer UI
- Updated branding in the installation wizard
Back to Top
In this Article