This deployment configuration supports organizations looking to minimize the number of resources managed by AD and organizations that want to eventually migrate away from AD. This configuration provides the greatest flexibility. Users, passwords, and groups can be managed in AD, JumpCloud, or both.

Use cases

- Allow users to change passwords in JumpCloud, from a JumpCloud managed device, and from AD.
- Enable JumpCloud and AD to share responsibility over the user identities.
- Add support for a mixed OS fleet and non-AD bound devices.
- Extend user access to the Cloud for one or more of the following:
  - Access to SaaS applications using industry standard protocols: SAML 2.0 and OIDC for SSO, and SCIM for provisioning, syncing and deprovisioning.
  - Access to Cloud RADIUS for Wi-Fi and VPN.
  - LDAP based user auth for NAS drive mappings, networking gear, or logins to things such as Kubernetes clusters.
  - User provisioning, syncing, deprovisioning and access control to other Cloud Directories such as M365 / Entra ID / Azure AD and Google Workspace in real time.
- Maintain an AD footprint but only for mission critical Windows servers, such as:
  - Business critical applications that must stay on-prem.
  - File and printer servers that cannot go away.
  - Domain Controllers, but likely fewer DCs in fewer locations.
- Manage profiles in one system and passwords in the other:
  - Manage passwords in JumpCloud to control credentials for Cloud resources and manage user profiles in AD to propagate the same information across all Microsoft solutions.
  - Manage passwords in AD for compliance purposes and manage profiles in JumpCloud to propagate to SaaS apps and other Cloud resources.
- Import users from Cloud solutions that are not compatible with AD, such as an HRIS system.

Workflow Details

Data syncs bidirectionally between JumpCloud and AD

Passwords managed in either system or both

Users created, updated, and deactivated in either system or both

User (security) groups created and managed in either system or both

Group membership managed in either system or both