Best Practices for Creating Users

There are a variety of different ways to add new users in the admin portal so we thought it'd be helpful to share some of our best in-house practices.

Add users and connect them to devices at the same time

When you import users with a CSV file, you can import users and connect them to a device at the same time, but you need to add devices to JumpCloud first.  

  1. Wait to add users and add devices first.
  2. After you’ve added devices, add the device name for each user in the CSV file. 
  3. Import the CSV file in JumpCloud. See Add Users to the Admin Portal to learn more.

Keep in mind, that after you import users, you always have the option to manually associate users with a device in the Admin Portal.

Add macOS users and devices via MDM

JumpCloud integrates with Apple's Device Enrollment Program (DEP) to enroll newly purchased macOS devices into JumpCloud Mobile Device Management (MDM) through Apple's Automated Device Enrollment.

When you enroll a device into MDM with JumpCloud, you can minimize the number of steps it takes to get a device up and running. As soon as the device is powered up, the following actions happen automatically:

  • The JumpCloud agent is installed automatically for you.
  • A device enrollment profile is installed. 

The enrollment profile contains MDM enrollment settings along with a certificate that uniquely identifies the username to assign to the device. You can synchronize that information with JumpCloud to quickly import user associations. For more information, see Get Started: MDM to learn more.

Add users from Active Directory

When working with Active Directory (AD), you have the following options:

  • Use AD side-by-side with JumpCloud. To use this option, you sync users and groups with our AD Integration agents. Keep in mind that to run the JumpCloud agent on a domain-bound device, you need to unbind the device from the AD domain before you can manage it in the JumpCloud Admin Portal.
  • Replace AD and only use the JumpCloud directory. To use this option you export users from AD or use the migration utility. 

JumpCloud’s Directory-as-a-Service® (DaaS) was created to be a viable replacement for AD and Lightweight Directory Access Protocol (LDAP), and we are continuing to add and improve the platform with that goal in mind. Deciding on whether to replace AD depends on your unique infrastructure and an understanding of the key differences between JumpCloud and AD. Some organizations choose to replace AD with JumpCloud because of the workarounds AD requires you to do to keep pace with changes in the IT environment. 

If you want to use Active Directory side-by-side with JumpCloud, you can sync users and groups with the AD Import agent. You can also write password data back into AD from JumpCloud with the AD Sync agent.

Best Practices

  • Decide when users receive a welcome email. When you manually create a user account, a welcome email is sent to the user immediately after you save the account. Here's a guided simulation for what your end users will see: JumpCloud Account Welcome Email. If you did not set a password for the user, this activation email provides a link so the user can set their own password and activate the account. You may skip sending this email on the Activation email modal. If you set an initial password for the user, a welcome email will be sent to the user with a link to login to their User Portal.
  • If you want to import users with a CSV file, determine if you should do it from the Admin Portal or with the PowerShell Module. There are differences between these two methods. Which one you want to use depends on how much information you need to import and what associations you want to make with your user accounts. Use the table below to understand the differences.
    • You don’t need coding experience to use the PowerShell Module. We’ll walk you through it.
    • If you’re importing data using PowerShell and want to assign users to a group, you must log in to the Admin Portal and configure User Groups first. Then you can add the group name to your spreadsheet before importing.
    • If you are importing data using Powershell and want to associate a user with a device, you must log in to the Admin Portal and add those devices first. Then you can add the device name to your spreadsheet before importing.
    • You can wait and make associations manually between users and groups or devices after the account is created.

CSV User Import

CSV Import Options Available in the Admin Portal? Available in the Powershell Module?
Import users directly into user groups. No Yes
Associate users with systems No Yes
Number of user attributes you can set 5 including: First Name, Last Name, Username, Email, Password All 38 user attributes

Warning:

Only create or import user accounts you need. You have 48 hours to remove unwanted users from JumpCloud and to contact your Technical Account Manager to avoid being charged for them. See FAQ: Billing, Charges, and Invoices to learn more.

Back to Top

List IconIn this Article

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case