Configuring JumpCloud LDAP Integration

To integrate JumpCloud’s LDAP-as-a-Service with XTAM, perform the following procedure.


  • A JumpCloud account that is configured as an LDAP Binding User. Please reference this JumpCloud article (external link) for more information.
  • A connection and account to log in to the XTAM host server to run commands, update configuration files and restart services.
  • A JumpCloud account to test the integration.
  1. Log in to JumpCloud to retrieve your LDAP Binding User and the required parameters to perform the integration. This includes the LDAP Binding Account (DN), LDAP Binding Account password and your JumpCloud OrgID. For additional information, please review this JumpCloud article:
  2. On the XTAM host server, open a command prompt and navigate to $XTAM_HOME.
  3. From the $XTAM_HOME directory, execute the following command, replacing the placeholders with your actual JumpCloud values.
    1. For Windows, substitute your <CONNECTION_NAME>, <LDAP_BINDING_USER>, <YOUR_ORG_ID> and <LDAP_BINDING_USER_PASSWORD> values and issue:

      bin\PamDirectory.cmd LdapConnect web <CONNECTION_NAME> ldaps:// "uid=<LDAP_BINDING_USER>,ou=Users,o=<YOUR_ORG_ID>,dc=jumpcloud,dc=com" <LDAP_BINDING_USER_PASSWORD>
    2. For Unix or Linux, substitute your <CONNECTION_NAME>, <LDAP_BINDING_USER>, <YOUR_ORG_ID> and <LDAP_BINDING_USER_PASSWORD> values and issue:

      bin/ LdapConnect web <CONNECTION_NAME> ldaps:// "uid=<LDAP_BINDING_USER>,ou=Users,o=<YOUR_ORG_ID>,dc=jumpcloud,dc=com" <LDAP_BINDING_USER_PASSWORD>
  4. When the command executes successfully (it will return an Ok response), open the $XTAM_HOME/web/conf/ file in a text editor. You will need to manually update a few parameters to complete the integration.

  5. Locate the section of this file that is specific to your JumpCloud connection (it will probably be at the bottom). Update your parameters to match those below.

    # Uncomment the next line (remove #) if you want to log in using UID
    #ldap.authn.searchFilter=uid={0}
    # Uncomment the next line (remove #) if you want to log in using Email Address
    #ldap.authn.searchFilter=mail={0}
  6. After the updates have been made, save and close the file.

  7. Restart the PamManagement (Windows) or pammanager (Linux) service to complete the integration.

  8. When the service comes back online (2-5 minutes), test your login using a JumpCloud account.
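
The following added example (not XTAM or JumpCloud code) shows how the bind DN from step 3 and the search filter from step 5 are composed, with RFC 4514 escaping for the DN values and RFC 4515 escaping for the login name. It assumes that {0} in ldap.authn.searchFilter is replaced with the name typed at login; the helper names and sample values are hypothetical.

```python
# Added example; helper names are hypothetical, not XTAM or JumpCloud APIs.

# Characters that must be escaped inside a DN attribute value (RFC 4514).
_DN_SPECIAL = set(',+"\\<>;=')
# Characters that must be escaped inside a filter assertion value (RFC 4515).
_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def escape_dn_value(value: str) -> str:
    """Escape one attribute value so it cannot add or change DN components."""
    out = []
    last = len(value) - 1
    for i, ch in enumerate(value):
        if ch == "\x00":
            out.append(r"\00")
        elif ch in _DN_SPECIAL or (ch == "#" and i == 0) or (ch == " " and i in (0, last)):
            out.append("\\" + ch)
        else:
            out.append(ch)
    return "".join(out)


def escape_filter_value(value: str) -> str:
    """Escape a login name so wildcards and parentheses are matched literally."""
    return "".join(_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_bind_dn(binding_user: str, org_id: str) -> str:
    """Compose the bind DN in the layout used by the LdapConnect command in step 3."""
    if not binding_user or not org_id:
        raise ValueError("binding user and OrgID are both required")
    return (f"uid={escape_dn_value(binding_user)},ou=Users,"
            f"o={escape_dn_value(org_id)},dc=jumpcloud,dc=com")


def render_search_filter(template: str, login: str) -> str:
    """Substitute the login name for {0} in a uid={0} or mail={0} template."""
    attr, sep, placeholder = template.partition("=")
    if sep != "=" or placeholder != "{0}" or attr not in ("uid", "mail"):
        raise ValueError(f"unexpected searchFilter template: {template!r}")
    return f"{attr}={escape_filter_value(login)}"


if __name__ == "__main__":
    # Constructed sample values, not real accounts.
    print(build_bind_dn("xtam-bind", "0123456789abcdef"))
    print(render_search_filter("uid={0}", "alice"))
    print(render_search_filter("mail={0}", "*)(uid=*"))
```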