Configure Netskope Directory Importer

Configure Netskope Directory Importer

You will need the Addon URL copied from the Directory Tools page (Settings > Tools > Directory Tools > On-Prem Integration) when you install the Directory Importer to complete these steps.

  1. Launch the Netskope Adapter Configuration Utility icon on your system.
  2. Enter and select these parameters:
    • UserInfo URL: Enter the Addon URL.
    • Directory Service: Select Other Directory Services.
    • Connect to Directory Services using SSL: Enable this checkbox.
    • Select Set Attributes.
  3. Enter LDAP parameters to connect to the JumpCloud LDAP Directory.
    • Server Name: Port: 636
    • Base DN: ou=Users,o=<Jumpcloud Org ID>,dc=jumpcloud,dc=com
    • Username: uid=<insert service account name from Jumpcloud>,ou=Users,o=<JumpCloud Org ID>,dc=jumpcloud,dc=com
    • Password: Enter the password generated in Jumpcloud.


    The JumpCloud Organization ID can be found in the Administrator Portal > Settings > Organization Settings

  4. Select Test Connection. If this does not succeed. Validate your username and password are correct. Also ensure your Organization ID is correct.

    If the test continues to fail, open Event Viewer on the Window Machine in Summary Page Events.

    If you see Event ID: 36884. Follow the steps from here:

  5. When the test is successful you can select attributes.
  6. Fill in the details as shown below and click Apply and Close to go back to the main screen.
  7. Select Advanced Settings and set Log Level to Debug.
  8. Click Apply and Close.
  9. Select Dynamic Groups.


    The DN attribute is not available in JumpCloud Identity Schema, which is required by Directory Importer to map users and groups. This method is used to get both users and groups provisioned into the tenant with dynamic group mapping.

  10. Here’s an example shows a custom group which will add all users to a custom group
    • Dynamic Group Name: alljumpcloudusers.LDAP Query: (&(objectClass=inetOrgPerson))Click Test

    The test should come back valid.

  11. Click Add
  12. The query gets added to the list
  13. Here’s an example of adding a group name that was present in the JumpCloud Directory and map members to the group name.
    • Dynamic Group Name: TestLDAPLDAP Query: (&(objectClass=inetOrgPerson)(memberOf=cn=TestLDAP,ou=Users,o=<JumpCloud Organization ID>,dc=jumpcloud,dc=com))Click Test


    Repeat this step for all the Groups you want to import to Netskope.

  14. Click Add.
  15. Click Apply and Close.
  16. Click OK.
  17. Edit the NSADImporterConfig.json file located under

    C:Program FilesNetskopeNSAdaptersADImporter.

  18. Ensure the attributes highlighted in blue below match your config. Also, make a copy of the config before making any changes.
  19. Launch Services.msc console and restart the Netskope Directory Importer Service.
  20. Open the log file at C:UsersPublicNetskopensADImporterLog.log.

    You can view details of users and groups being fetched and provisioned into the tenant

  21. Log into the Netskope tenant
  22. Go to Settings > Security Cloud Platform > Users.
  23. When you select the users, the group memberships are shown.
  24. Go to Settings > Security Cloud Platform > Groups.
  25. When you select the groups, the members are shown.
  26. The users and groups will now be available in the Real-time Protection policy.
Share this Doc
In this topic ...