Easily access file shares on AD-connected Windows file servers

Change is one of the most difficult aspects of IT. Not all employees are tech-savvy or open-minded to try, or even accepting, new things. File servers are often critical infrastructure and users are used to working with them. That’s why uninterrupted access is important when a small and medium-sized business (SMB) is considering moving away from Active Directory. Fortunately, a simple setup accomplishes just that.

The solution is a trick veteran Windows administrators are familiar with: using commands to map network drives, which solves the problem of missing desktop drive icons among VPN users. The same solution can be applied when transitioning from Active Directory to JumpCloud. It’s an approach that keeps users happy, workflows uninterrupted, and help desk calls reduced. More importantly, it paves the way for a longer-term strategy for file sharing and collaboration.

Maintain Windows File Shares with JumpCloud

Tutorial Windows File Servers + AD and Jumpcloud – jumpcloud-1

The following steps make it possible to use Windows file shares with JumpCloud, even after detaching users and devices from Active Directory. Once this work is complete, JumpCloud will become the single “source of truth” for your users to access devices and other computing resources.

Preconditions

The initial steps will include installing JumpCloud agents on your domain controller(s).

Install JumpCloud Agents

  • An understanding of Jump Cloud Commands
  • Configure JumpCloud AD Sync and AD Import agents:
    • AD synchronization is used for user provisioning and single sign-on. It allows you to maintain your existing directory within JumpCloud, which will become your IdP (SAML SSO). In this case, you will no longer manage your users from AD. For example, if you change a user’s password in JumpCloud, it will sync with AD.
    • AD import integrates AS with JumpCloud

A synchronization user is used to configure the agents:

Replicating Windows Server Groups

  • Check which AD security groups have rights/privileges for each file share on Windows file server.
  • Add these security groups as a member(s) of a “JumpCloud” group in AD
  • This can be a good opportunity to address bad naming conventions

(Read more…)