The JumpCloud agent has several capabilities as it relates to your systems:
- Supports multiple flavors of Linux, Mac, and Windows (see here for a complete list)
- Has the ability to add, modify, and delete local user accounts, including settings passwords, updating full name fields, and changing group membership. Because the JumpCloud agent manages local user accounts, a loss of Internet access will not prevent users from logging in - though you won't be able to make changes on that host via JumpCloud's console or API.
- Can "take over" management of existing user accounts on a system when the username in JumpCloud matches the (short) username on the system.
- (Linux only) Can enable multi-factor authentication via SSH with username and password, leveraging Google Authenticator.
- (Mac and Linux only) Has the ability to create and manage local system groups and their members.
- Can run commands that you specify in JumpCloud Commands. On Mac and Linux, commands are run in the shell. On Windows, you can choose between cmd and PowerShell. Commands can be run either immediately, on a schedule, or based on an external event such as a user being added or removed, or based on JumpCloud's receipt of an inbound web-hook.
The JumpCloud agent is written in Go (with a bit of C++ in Windows). It has a memory footprint of approximately 5-7MB of RAM and runs as a compiled native binary.
It contacts JumpCloud's servers (see here for a list of endpoints the agent contacts) using a long HTTPS poll every 60 seconds looking for new work to do. If work is available, the agent downloads the work request and executes it.
JumpCloud agent log files can be found in:
See Getting Started: Systems
See How to Uninstall the JumpCloud Agent