Calling any JumpCloud users or employees...

bigbear

@Dashrender If you do it in workgroup mode, from what I have seen, its a pretty ugly setup.

Honestly I may endure the expense of Azure AD. It was a really nice setup, but $90 for the DC in the cloud was a surprise I didn't expect and the D11 instance is $220/month or so (on sale right now). So $300/month.

I can do the whole thing on a single box with more power on Vultr for $96 (Windows 2016 license included). Another $52 and I can run an AD box but I found several Microsoft articles stating that in a small single server environment it is acceptable to run AD on the RDSH box.

In our case we have no other AD servers.

dbeato

@bigbear You should have an AD server because JumpCloud will be a lot harder to manage.

gregorymkeller

@dbeato The AD Bridge is in fact in the process of being upgraded. We recently made a fairly large overhaul to our grouping mechanism (it was the object called "Tags") to a proper grouping mechanism. We're re-working the APIs on our AD Bridge synch agent to point to the appropriate new objects.

dbeato

@gregorymkeller Good to know Love to see what is the new way

gregorymkeller

@dbeato The mother load: https://support.jumpcloud.com/customer/en/portal/articles/2703450-getting-started-groups

gregorymkeller

@dbeato And this one... https://jumpcloud.com/engineering-blog/welcome-to-groups/

dbeato

@gregorymkeller That looks like just Security Groups to be added to multiple servers.

gregorymkeller

@dbeato The Group, and our microservice/graph engine behind, it is the key here: the Group is bound to 'things' (RADIUS servers, systems, LDAP RBAC and SAML apps - more soon). Users get added, they get access to the connected 'things'). User is removed, they are revoked access. So think network, application, and system resources here.

dbeato

@gregorymkeller Yeah, the same idea of a security group Where the group are added to different services and in this case devices. It is good to maintain a central user base around servers in this case.

gregorymkeller

@dbeato Truth ^ ^ . To be a grown up directory and support a scalable architecture, this is why we implemented Groups and sunset 'Tags' - which were more of a model dedicated to matrix-based server/user account management.

bigbear

Could JumpCloud be used to sync passwords from multiple Office 365 Clouds (different companies and tenants) to an on Premise Active Directory server?

Mostly just interested in passwords. And I guess outside of JumpCloud I am guessing there are other products that could do it?

Example:
[email protected]
[email protected]

[email protected]
[email protected]

sync to

[email protected]
[email protected]
[email protected]
[email protected]

dbeato

@bigbear That I don't know.