[IMPORTANT] Please note that this site will be disabled on October 31. In it's place, the new JumpCloud Help Center is live! Check it out here!

Support Center

Configuring Workspace ONE UEM Directory Services to use JumpCloud's LDAP-as-a-Service

When using Workspace ONE UEM Directory Services to use JumpCloud’s LDAP as a service here are the basic settings to configure authentication with JumpCloud hosted LDAP service.

See Using JumpCloud's LDAP-as-a-Service to obtain the JumpCloud specific settings required below.

System > Enterprise Integration > Directory Services

Server Settings:

Current Setting: Override

Directory Type: Other LDAP

Server: ldap.jumpcloud.com

Encryption Type: SSL

Port: 636 (SSL)

Protocol Version: 3

Use Service Account Credentials: Disabled

Bind Authentication Type: Basic

Bind Username: uid=<ldap-binding-user>,ou=Users,o=<your-organization-id>,dc=jumpcloud,dc=com

Bind Password: <ldap-binding-user's-password>
Domain: jumpcloud.com
Server: ldap.jumpcloud.com

Use Azure AD For Identity Services: Disabled

Use SAML For Authentication: Disabled

User Settings:

Base DN: ou=Users,o=<your-organization-id>,dc=jumpcloud,dc=com

User Object Class: inetOrgPerson

User Search Filter: (&(objectClass=inetOrgPerson)(uid={EnrollmentUser}))

Advanced > Enable Custom Attributes

User Attributes:

Object Identifier: uid

Username: uid

Member Of: memberOf

Full Name: cn

Display Name: displayName

First Name: givenName

Last Name: sn

Email Address: mail

Email Username: mail

Mobile Phone: mobile

Phone Number: telephoneNumber

Distinguished Name: distinguishedName

User Principal Name: mail

Department: departmentNumber

Status: userAccountControl:

Lockout Time: lockoutTime

Object Class: objectClass

Last Modified: whenChanged

Binding Attribute: N/A {Blank}

Employee ID: employeeNumber

Custom Attributes: Reference the LDAP Attribute Mapping table at the bottom of this KB article to map additional attributes.

Group Settings:

Base DN: ou=Users,o=<your-organization-id>,dc=jumpcloud,dc=com

Group Object Class: groupOfNames

Organizational Unit Object Class: groupOfNames

Group Search Filter: (&(objectClass=groupOfNames)(cn=*))

Membership Attribute: User Attribute("Member of")

Auto Sync Default: Enabled

Auto Merge Default: Enabled

Group Attributes:

Object Identifier: cn

Name: cn

Member: member

Common Name: cn

Member Of: memberOf

Distinguished Name: dn

Group Object Class: objectClass

Organizational Unit: ou

Organizational Unit Object Class: objectClass

Testing Connection

When testing the connection for users search for users by username. Searches are case sensitive.

When testing the connection for user groups search by:

External type: ORGANIZATION UNIT

Search text: The name of the JumpCloud group to search

Domain: jumpcloud.com

Group Base DN: Hit the (+) and select "dc=jumpcloud,dc=com"
 
 

Last Updated: Aug 19, 2019 09:28AM MDT

Related Articles
desk-forwarding@jumpcloud.com
http://assets3.desk.com/
false
desk
Loading
seconds ago
a minute ago
minutes ago
an hour ago
hours ago
a day ago
days ago
about
false
Invalid characters found
/customer/en/portal/articles/autocomplete