Syncing PaperCut with JumpCloud

We at Selectec are a curious (nosy) bunch, so when we received two requests in a matter of a few days regarding using PaperCut with JumpCloud we needed no excuse to jump up and start our JumpCloud adventure.

For those that have never heard of it, JumpCloud is DaaS (Directory as a Service) and basically allows you to take your traditional on-site User directory (think MS Active Directory) and stick it up in the cloud. As with many other traditionally on-site services this potentially frees up the need for hardware and associated support on site, while at the same time allowing admins control over their users, infrastructure, and client systems regardless of type. There are numerous features and benefits of using a system like this, but for our purposes, we will be particularly interested in the LDAP as a service functionality.

From a PaperCut point of view, this means nothing more than pointing the sync source settings to the JumpCloud service instead of an on-site server. If we think for a moment about the MS AD system, PaperCut will extract all the useful information that has typically been filled in by an administrator, things like:

  • Usernames,
  • Email addresses,
  • Group information,
  • User home folder locations,
  • Card/ID numbers,
  • Office/Department names and locations

Once synced, this information can then be used by various parts of the PaperCut system, in places like Integrated scanning for automatically filling in user email or home folder locations, or for sending users notifications via email.

As we soon discovered, although setting up the connection to sync to JumpCloud was relatively simple, the basic information made available did not include custom attributes, rather just the basic username, email and group details. At this point… In steps our integrations team, and with their wizard-like mastery of all things API they proclaimed “We can make an integration for that!” This essentially meant some of the other information which was not previously available could be accessed and pulled into PaperCut via the JumpCloud API (cool huh).

After some tinkering, we now find ourselves with an integration which will allow PaperCut to use JumpCloud as its sync source and includes the extra custom attributes needed for things like ID number sync and reporting on particular departments/offices. For more information on JumpCloud check out: https://jumpcloud.com/daas-product/

Go forth and sync!

Ok so if you’re still reading after this point then it probably means you have a bit more than a passing interest in this, and so you might like to see some details of how and where to put in the details within PaperCut for the JumpCloud sync.

We’re going to assume that by this point you have your users setup within the JumpCloud system including an LDAP binding user account and that PaperCut is installed and you are ready to set the user sync source.

So first we are going to log in to the PaperCut admin console and follow the steps below:

  1. Select Options > User/Group Sync 

    The User/Group Sync page is displayed.

  1. In the Sync Source area, under Primary sync source, select LDAP.
  1. Under LDAP Server Type select Standard (Unix/Open Directory).
  1. Under LDAP Server Address type ldap.jumpcloud.com 
  1. Under Base DN enter ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com 

The organisation ID can be found on your JumpCloud admin console. 

  1. Under Admin DN enter

uid=LDAP_BINDING_USER,ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com 

  1. Under Admin password enter the password for the LDAP binding user.
  1. Click Apply and Test Settings, or if you’re feeling brave skip right to the Synchronise Now button.

All being well, when you check your Users section in PaperCut, you should see a list of the users synced from JumpCloud at this point. So…. Now you should be able to sync usernames, email addresses, and groups from the cloud. What if you want to sync the extra custom attributes we mentioned at the beginning of the article?

The magic

Download our free Jump Cloud Attributes Tool (Matt wanted to call it JumpyMcJumpCloud, Matt is not allowed to be in charge of names)

Quick Start Guide:

  1. Edit the config.toml file, this contains all the settings you need. Use your favourite text editor. Oh, Authtoken is the value set under “auth.webservices.auth-token” within PaperCut.
  2. Run the application using a cmd prompt.
  3. Set up a schedule using Windows scheduler to create a Cron job. We suggest you set this to run after PaperCut’s nightly maintenance/sync, we would go with 2am.
  4. This application will loop through all of the users in PaperCut then check JumpCloud for them and if they exist it will pull down the attributes from the fields set in the config file.
  5. Consider using SSL/TLS, our setup was a test and not production.

More?

Need help or looking for us to make something new? just get in touch.

Get in touch today | sales@selectec.com