{"id":84319,"date":"2023-06-05T13:11:34","date_gmt":"2023-06-05T17:11:34","guid":{"rendered":"https:\/\/jumpcloud.com\/?post_type=support&#038;p=84319"},"modified":"2026-01-22T05:19:38","modified_gmt":"2026-01-22T10:19:38","slug":"configure-mfa-for-ldap","status":"publish","type":"support","link":"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap","title":{"rendered":"Configure MFA for LDAP"},"content":{"rendered":"\n<p>If your organization has LDAP applications that require extra security, you can build a&nbsp;Conditional Policy&nbsp;or&nbsp;Default Access Policy&nbsp;to enable multi-factor authentication (MFA) as a requirement before users can access the applications.&nbsp;<\/p>\n\n\n\n<p><strong>Prerequisites:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>This article assumes that you have configured LDAP to work with JumpCloud. If not, see&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/use-cloud-ldap\" target=\"_blank\" rel=\"noreferrer noopener\">Get Started: Cloud LDAP<\/a>&nbsp;for more information.&nbsp;<\/li>\n\n\n\n<li>You must have JumpCloud Protect or TOTP enabled for your users. See the&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/jumpcloud-protect-for-admins\" target=\"_blank\" rel=\"noreferrer noopener\">Get Started: JumpCloud Protect<\/a>&nbsp;or&nbsp;<a href=\"https:\/\/jumpcloud.com\/support\/configure-totp-mfa-for-user-accounts\" target=\"_blank\" rel=\"noreferrer noopener\">Configure TOTP MFA for User Accounts<\/a>&nbsp;for steps.<\/li>\n<\/ul>\n\n\n\n<p><strong>Considerations:<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Conditional Access Policies and MFA are not supported for Samba authentications.\n<ul class=\"wp-block-list\">\n<li>Conditional Access Policies and MFA can only be supported when a client application BINDs a user&#8217;s credentials with the LDAP server directly, which Samba does not do.<\/li>\n<\/ul>\n<\/li>\n\n\n\n<li>Users are allowed 60 seconds to respond to a JC Protect notification. Most applications have shorter default authentication timeouts, and these can show up as connection errors during BIND requests. We recommend increasing the authentication timeout on your LDAP app to a minimum of 65 seconds to allow for the user to respond to the JC Protect notification.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-configuring-mfa-for-ldap-applications-as-a-conditional-policy\">Configuring MFA for LDAP Applications as a Conditional Policy<\/h2>\n\n\n\n<p><strong>To configure MFA for LDAP Applications as a Conditional Policy<\/strong>:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Log in to the <a href=\"https:\/\/console.jumpcloud.com\/\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Admin Portal<\/a>.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card important\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/important-icon.png\"\/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Important:<\/strong> \n<p>If your data is stored outside of the US, check which login URL you should be using depending on your region. If your organization uses LDAP, RADIUS, or requires firewall allow list configuration, the Fully Qualified Domain Names (FQDNs) will also be region specific. See <a href=\"https:\/\/jumpcloud.com\/support\/jumpcloud-data-centers\" target=\"_blank\" rel=\"noreferrer noopener\">JumpCloud Data Centers<\/a> for the URLs, FQDNs, and IP addresses.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<ol start=\"2\" class=\"wp-block-list\">\n<li>Go to\u00a0<strong>Security<\/strong>\u00a0&gt;\u00a0<strong>Conditional Access Policies<\/strong>.<\/li>\n\n\n\n<li>Click the\u00a0<strong>+Add<\/strong>\u00a0button and select\u00a0<strong>JumpCloud LDAP<\/strong>.<br><img decoding=\"async\" width=\"2672\" height=\"1844\" class=\"wp-image-84325\" style=\"width: 600px\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/new-ldap-cap.png\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/new-ldap-cap.png 2672w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/new-ldap-cap-300x207.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/new-ldap-cap-1024x707.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/new-ldap-cap-768x530.png 768w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/new-ldap-cap-1536x1060.png 1536w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/new-ldap-cap-2048x1413.png 2048w\" sizes=\"(max-width: 2672px) 100vw, 2672px\" \/><\/li>\n\n\n\n<li>Ensure that your LDAP hostname is updated and click the&nbsp;<strong>I have updated the LDAP hostname for applications I want affected by this policy<\/strong>&nbsp;checkbox.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card important\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/important-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Important:<\/strong> \n<ul class=\"wp-block-list\">\n<li>Conditional Access Policies AND MFA are only supported when the application is configured to the&nbsp;ldap-mfa.jumpcloud.com hostname.<\/li>\n\n\n\n<li>Some applications will require you to increase the authentication timeout setting. Here is an example for the OpenVPN 2.11.0 application:<\/li>\n<\/ul>\n\n\n\n<p><code>cd \/usr\/local\/openvpn_as\/scripts\/ &nbsp;<br>.\/sacli --key \"auth.ldap.0.timeout\" --value 65 ConfigPut &nbsp;<br>.\/sacli start<\/code><\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<ol start=\"5\" class=\"wp-block-list\">\n<li>Enter the policy name and an optional description.<\/li>\n\n\n\n<li>(Optional) If you do not wish for the policy to go live as soon as you finish creating it, move the&nbsp;<strong>Policy Status<\/strong>&nbsp;slider to&nbsp;<strong>OFF<\/strong>.<\/li>\n\n\n\n<li>Under <strong>Assignments<\/strong>, you can choose to apply the policy to all&nbsp;users&nbsp;or select&nbsp;user groups. You can also specify whether to exclude certain user groups as needed.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<ul class=\"wp-block-list\">\n<li>LDAP Bind DN&nbsp;users are excluded by default. To include them, uncheck the option next to&nbsp;<strong>(Recommended) Exclude LDAP Bind DN Users<\/strong>. See <a href=\"https:\/\/jumpcloud.com\/support\/use-cloud-ldap\" target=\"_blank\" rel=\"noreferrer noopener\">Get Started: Cloud LDAP<\/a> for more information on Bind DN users.<\/li>\n\n\n\n<li>If your LDAP Application requires all of your users to be configured as Bind DN users, then you should uncheck the box and create a user group that excludes your service account. Users must be bound directly to the LDAP Directory in order to log in. LDAP Policies refine access to your resources; they do not grant it.<\/li>\n<\/ul>\n <\/div><\/div><\/div><\/div>\n\n\n\n<ol start=\"8\" class=\"wp-block-list\">\n<li>Under&nbsp;<strong>Action<\/strong>, for&nbsp;<strong>Access<\/strong>&nbsp;select the&nbsp;<strong>Allowed<\/strong>&nbsp;button, and for&nbsp;<strong>Authentication<\/strong>, select the&nbsp;<strong>Password + MFA<\/strong>&nbsp;button.<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>If you have not enabled JumpCloud Protect or TOTP for your org, you will be prompted to do so.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<ol start=\"9\" class=\"wp-block-list\">\n<li>Click\u00a0<strong>Create Policy<\/strong>. You will see the main policies page, and your LDAP policy will appear in that list.<\/li>\n<\/ol>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-configuring-mfa-for-ldap-applications-as-a-default-access-policy\">Configuring MFA for LDAP Applications as a Default Access Policy<\/h2>\n\n\n\n<p>A Default Access Setting determines how users access a resource when no conditional access policies apply to them.<\/p>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card important\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/important-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Important:<\/strong> \n<p>If you are setting a Default Access Policy to Require MFA or to Deny Access, you will need to create a separate User Group and Default Access Policy for your LDAP Bind DN users, and set them up for Allow Authentication.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<p><strong>To configure MFA for LDAP applications as a default access policy<\/strong>:<\/p>\n\n\n\n<ol class=\"wp-block-list\">\n<li>Go to\u00a0<strong>Security<\/strong>\u00a0&gt;\u00a0<strong>Conditional Access Policies<\/strong> &gt; <strong>Settings<\/strong>.<\/li>\n\n\n\n<li>Expand&nbsp;<strong>Default Access Policy Settings<\/strong>.<\/li>\n\n\n\n<li>Under <strong>JumpCloud LDAP<\/strong>, in the drop down menu, select&nbsp;<strong>Allow authentication &amp; require MFA<\/strong>.<br><img decoding=\"async\" width=\"1204\" height=\"500\" class=\"wp-image-84331\" style=\"width: 600px\" src=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/global-policy-settings-expanded.png\" alt=\"\" srcset=\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/global-policy-settings-expanded.png 1204w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/global-policy-settings-expanded-300x125.png 300w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/global-policy-settings-expanded-1024x425.png 1024w, https:\/\/jumpcloud.com\/wp-content\/uploads\/2023\/05\/global-policy-settings-expanded-768x319.png 768w\" sizes=\"(max-width: 1204px) 100vw, 1204px\" \/><\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>If you have not enabled JumpCloud Protect or TOTP for your users, you will be prompted to do so.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<ol start=\"5\" class=\"wp-block-list\">\n<li>Click <strong>Save<\/strong> <strong>Changes<\/strong>. MFA has now been enabled for LDAP applications.\u00a0<\/li>\n<\/ol>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>Once MFA for LDAP has been enabled, if you disable JumpCloud Protect and TOTP, your users won\u2019t be able to access their LDAP applications. Keep JumpCloud Protect or TOTP enabled to ensure users can access their applications.<\/p>\n <\/div><\/div><\/div><\/div>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-logging-in-to-ldap-applications-with-mfa\">Logging in to LDAP Applications with MFA<\/h2>\n\n\n\n<p><strong>Instructions for users logging into LDAP applications with MFA<\/strong><\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>JumpCloud Protect: Once LDAP MFA has been enabled, users will receive a push notification on their device when they are authenticating into certain applications. Once the user enters their user name and password, they will get a push notification and should approve it.<\/li>\n\n\n\n<li>TOTP:&nbsp;Once LDAP MFA has been enabled, users will need to open their authenticator app to get a verification code when authenticating into certain applications.\n<ul class=\"wp-block-list\">\n<li>When users are entering their username and password, in the password field they will add a comma, then enter the 6-digit TOTP after their JumpCloud password. For example, a user with a password of MyB@dPa33word and a TOTP of 123456 would enter MyB@dPa33word,1203456 in the password field.<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n\n\n\n<div class=\"wp-block-cgb-notification-card-wysiwyg notification-card note\"><div class=\"notification-card-content\"><div class=\"notification-card-icon\"><p><img decoding=\"async\" src=\"\/wp-content\/themes\/jumpcloud\/assets\/images\/gutenberg-blocks\/note-icon.png\" \/><\/p><\/div><div class=\"notification-card-copy is-type-body-default\"><div><strong class=\"notification-card-type\">Note:<\/strong> \n<p>If both TOTP and Push are enabled, and the user enters a TOTP code, then the Push notification will not be sent. If the user enters a TOTP code when MFA has not been set as required, the authentication will fail.<\/p>\n <\/div><\/div><\/div><\/div>\n","protected":false},"excerpt":{"rendered":"<p>If your organization has LDAP applications that require extra security, you can build a&nbsp;Conditional Policy&nbsp;or&nbsp;Default Access Policy&nbsp;to enable multi-factor authentication [&hellip;]<\/p>\n","protected":false},"author":206,"featured_media":0,"template":"","meta":{"_acf_changed":false,"_oasis_is_in_workflow":0,"_oasis_original":0,"_oasis_task_priority":"","inline_featured_image":false,"footnotes":""},"support_category":[2845,2896,2908,2854],"support_tag":[],"coauthors":[2842],"class_list":["post-84319","support","type-support","status-publish","hentry","support_category-authentication","support_category-cloud-ldap","support_category-mfa","support_category-security-management"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v25.3.1 (Yoast SEO v25.3.1) - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Configure MFA for LDAP - JumpCloud<\/title>\n<meta name=\"description\" content=\"Learn how to use conditional access or global policies to require MFA for LDAP.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Configure MFA for LDAP\" \/>\n<meta property=\"og:description\" content=\"Browse the JumpCloud Help Center by category, search for a specific topic, or check out our featured articles.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap\" \/>\n<meta property=\"og:site_name\" content=\"JumpCloud\" \/>\n<meta property=\"article:modified_time\" content=\"2026-01-22T10:19:38+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/new-ldap-cap.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"4 minutes\" \/>\n\t<meta name=\"twitter:label2\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data2\" content=\"Pam Kellman\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap\",\"url\":\"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap\",\"name\":\"Configure MFA for LDAP - JumpCloud\",\"isPartOf\":{\"@id\":\"https:\/\/jumpcloud.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap#primaryimage\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap#primaryimage\"},\"thumbnailUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/new-ldap-cap.png\",\"datePublished\":\"2023-06-05T17:11:34+00:00\",\"dateModified\":\"2026-01-22T10:19:38+00:00\",\"description\":\"Learn how to use conditional access or global policies to require MFA for LDAP.\",\"breadcrumb\":{\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap#primaryimage\",\"url\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/new-ldap-cap.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/new-ldap-cap.png\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/jumpcloud.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Support\",\"item\":\"https:\/\/jumpcloud.com\/support\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Configure MFA for LDAP\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/jumpcloud.com\/#website\",\"url\":\"https:\/\/jumpcloud.com\/\",\"name\":\"JumpCloud\",\"description\":\"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.\",\"publisher\":{\"@id\":\"https:\/\/jumpcloud.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/jumpcloud.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/jumpcloud.com\/#organization\",\"name\":\"JumpCloud\",\"url\":\"https:\/\/jumpcloud.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"contentUrl\":\"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png\",\"width\":598,\"height\":101,\"caption\":\"JumpCloud\"},\"image\":{\"@id\":\"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/\"}}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Configure MFA for LDAP - JumpCloud","description":"Learn how to use conditional access or global policies to require MFA for LDAP.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap","og_locale":"en_US","og_type":"article","og_title":"Configure MFA for LDAP","og_description":"Browse the JumpCloud Help Center by category, search for a specific topic, or check out our featured articles.","og_url":"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap","og_site_name":"JumpCloud","article_modified_time":"2026-01-22T10:19:38+00:00","og_image":[{"url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/new-ldap-cap.png","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_misc":{"Est. reading time":"4 minutes","Written by":"Pam Kellman"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap","url":"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap","name":"Configure MFA for LDAP - JumpCloud","isPartOf":{"@id":"https:\/\/jumpcloud.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap#primaryimage"},"image":{"@id":"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap#primaryimage"},"thumbnailUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/new-ldap-cap.png","datePublished":"2023-06-05T17:11:34+00:00","dateModified":"2026-01-22T10:19:38+00:00","description":"Learn how to use conditional access or global policies to require MFA for LDAP.","breadcrumb":{"@id":"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap#primaryimage","url":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/new-ldap-cap.png","contentUrl":"https:\/\/jumpcloud.com\/\/wp-content\/uploads\/2023\/05\/new-ldap-cap.png"},{"@type":"BreadcrumbList","@id":"https:\/\/jumpcloud.com\/support\/configure-mfa-for-ldap#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/jumpcloud.com\/"},{"@type":"ListItem","position":2,"name":"Support","item":"https:\/\/jumpcloud.com\/support"},{"@type":"ListItem","position":3,"name":"Configure MFA for LDAP"}]},{"@type":"WebSite","@id":"https:\/\/jumpcloud.com\/#website","url":"https:\/\/jumpcloud.com\/","name":"JumpCloud","description":"Daily insights on directory services, IAM, LDAP, identity security, SSO, system management (Mac, Windows, Linux), networking, and the cloud.","publisher":{"@id":"https:\/\/jumpcloud.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/jumpcloud.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/jumpcloud.com\/#organization","name":"JumpCloud","url":"https:\/\/jumpcloud.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/","url":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","contentUrl":"https:\/\/jumpcloud.com\/wp-content\/uploads\/2021\/01\/jc-logo-brand-2021.png","width":598,"height":101,"caption":"JumpCloud"},"image":{"@id":"https:\/\/jumpcloud.com\/#\/schema\/logo\/image\/"}}]}},"_links":{"self":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/84319","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support"}],"about":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/types\/support"}],"author":[{"embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/users\/206"}],"version-history":[{"count":2,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/84319\/revisions"}],"predecessor-version":[{"id":138460,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support\/84319\/revisions\/138460"}],"wp:attachment":[{"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/media?parent=84319"}],"wp:term":[{"taxonomy":"support_category","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_category?post=84319"},{"taxonomy":"support_tag","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/support_tag?post=84319"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/jumpcloud.com\/wp-json\/wp\/v2\/coauthors?post=84319"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}