- Create, modify, and disable local user accounts
- Manage SSHD configuration (Linux)
- Enforce MFA (Mac, Linux SSH)
- The execution of Commands
To add a new system, go to Systems, select the +.
This will present a New System side panel. Here you will be presented with tabs for the appropriate OS download and some documentation around using Puppet or Chef to manage the installation. There is also documentation on command line deployment, deploying via template or AMI, or leveraging the JumpCloud API.
Installation should complete within 1-2 minutes, check in, and show active in the console. Once available, select the system record to be presented with the system Details side panel.
- Display Name - This will default to the hostname of the system, but can be set to any desired string
- Immutable details - Details like the hostname, IP, and other fields that cannot be modified are kept up to date on a regular basis via the agent service
- SSH Options (Linux) - These options will modify the SSHD configuration. The agent will attempt to control the SSHD configuration regardless of other software that may interact with it. Configuration management, other security modules, or anything else that may attempt to change these files in conjunction with the agent may result in adverse behavior. Public Key Authentication + Multifactor is not currently supported.
- Displays System group membership and allows the system to be added or removed from (de)selected groups.
- Displays the relationship between the system and bound users
- Bound via Group Membership:
- Users with 'Enable Permissions' displayed means they are bound to the system via group membership.
- If the binding is removed, you will be presented the option to remove the user from the group granting access.
- Select 'Enable Permissions' to create a direct binding between user and system to allow for Standard User or Administrator permissions to be set. Group membership for the user remains unchanged.
- Bound directly:
- Users with a permission displayed means the user is bound directly to the system.
- Type of permission can be defined for this individual user
- If the binding is removed, the direct relationship between system and user is removed. The user may still have access granted to the system via Group membership as above. Direct binding sits "On top" of Group membership in the UI