Syncing with JumpCloud
Contents
Here at PaperCut, we are seeing more and more customers moving away from traditional on-premise Directory Services. Many customers are now introducing cloud-based Identity Management Systems. In these conversations, we are often being asked: “Does PaperCut NG/MF support JumpCloud’s Directory-as-a-Service.
JumpCloud offers customers many features and benefits, such as central identity management, access control, and flexible administration. One feature they offer as part of their overall solution is LDAP-as-a-Service which as the name suggests, allows for LDAP connections to be made to the Directory. PaperCut NG/MF supports syncing user and group information using LDAP right out of the box. One thing to note is that JumpCloud requires a Secure LDAP connection so the settings might differ slightly from what you may be used to.
Just like traditional Directory Services, for example, Active Directory, JumpCloud allows the administrator to populate a user’s account with details such their email address and group memberships. Being able to synchronize this information into PaperCut NG/MF makes it simple to get up and running with Scan to My Email in Integrated Scanning or sending email notifications when using Advanced scripting (print scripting).
Now you know the background, let’s walk you through setting up PaperCut NG/MF to sync with your JumpCloud instance. We have provided detailed notes below, but you may prefer to watch this video from JumpCloud first.
Now for the details.
There are a couple of things you will need to ensure are set up on the JumpCloud side:
• An LDAP Binding user - by checking the Enable as LDAP Bind DN checkbox in the User Security Settings and Permissions section when creating the user.
• User accounts that have been granted access to the JumpCloud LDAP directory, either individually or via a group.
To make sure you’re ready for configuring PaperCut NF/MF, take note of your JumpCloud ORG ID which is found under the Settings menu in the JumpCloud Administration Portal.
JumpCloud has an excellent knowledge base article titled Using JumpCloud’s LDAP-as-a-Service, which steps you through setting this up.
Now let’s turn to the PaperCut NG/MF settings that you will need to configure. Open up the PaperCut NG/MF Admin Interface and head on over to the User/Group Sync settings section by selecting Options and clicking on the User/Group Sync tab.
1. In the Sync Source area, under Primary sync source, select LDAP.
2. LDAP Server Type should have Standard (Unix/Open Directory) selected.
3. LDAP Server Address needs to be set to:
ldap.jumpcloud.com
4. Base DN should be set to:
ou=Users,o=<YOUR_ORG_ID>,dc=jumpcloud,dc=com
<YOUR_ORG_ID> should be set to your organization ID which, as discussed above, can be found in the JumpCloud Admin Portal under Settings.
5. Admin DN needs to be set to:
uid=<LDAP_BINDING_USER>,ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com
The <LDAP_BINDING_USER> should be set to the LDAP Binding user we created earlier in the JumpCloud Admin Interface (with LDAP Bind DN).
6. Admin password - enter the password for the LDAP Binding user.
7. Click Apply
8. Click Test Settings to confirm how many accounts will be added/deleted, and once you’re happy with the results, click Synchronise Now to kick off the sync.
That’s all there is to it. It’s so simple, you’ve probably still got time for that coffee you have been promising yourself all morning!
Categories: How-to Articles , Authentication
Keywords: JumpCloud , Directory , LDAP
Last updated June 13, 2024
Comments