Wednesday, May 10, 2017

JumpCloud System Agent and how it can be helpful

In this post I will demo how the jumpCloud Agent  can be used to create/delete  system- users per  unix systems.


JumpCloud now  has an agents  for;   linux , macosx and windows. My experience is based around  the  linux OS,  but in this demo I will show the process for a MACOSX  on my laptop. Functionally the concept are mutually the same.


1st you need to install the agent on the system that we want to control. This is a simple  installer that use a limited space and is highly effective.

https://support.jumpcloud.com/customer/portal/articles/2441026--windows-os-x-downloading-jumpcloud-agent-from-command-line

The sagent once install,  and activated with your unique   registration key , will now  show up in  your portal.

Here you can bound  user(s) to a system(s). Take the follow  visio as a  possible deployment method for  a group of LAMP servers.





From a single  jumpcloud portal. I could assign user(s) to each server without sys administration of the servers directly. These systems could be anywhere in any DC, virtual or real.

This means  in a nutshell; " we can create or delete user(s)"  in just meer  seconds or minutes,  and never have to login into the server(s) to add or delete the accounts "

Great if you have a new sysAdmin who's onboarding,  or a  recent end-user termination.

1st we install the JCagent on the  related systems;



Part of the agent install is to pipe in  the registration key that's unique to your portal




Once the agent is up  and have callhome into JumpCloud, you will see the systems details.



Under the mac and linux you will find a unix-proc that;s running and the conf file for the  systems values are held here









Now we create the JumpCloud user in the portal





And finally bind the user(s) to the systems






 You can still manage local accounts with the agent installed







From now on, we can monitor the  JCagentlog file & in the macosx system preferenec > Users  we can find these new users added to  the system.






You will find that accounts are add/delete in meer seconds for the most part after you bind them to the system.


If you delete a user account the logs will show the following




Yes sir, it's really that simple. To give you a example. I spent more time post these screenshot and writing this blog than doing the administrator work of creating and deleting the users in this example

:)


JumpCloud's    LDAP-aaS and the many other offerings,  is a great means for controlling users and provides a solid  based for system-access and IAM.


All JumpCloud agent communication is done over tcp to the jumpcloud instance stroked in  AWcompute-1.amazonaws.com




Read this for proxy  setup &  if you have a localize  http-proxy. I believe most transparent  proxies will break the agent capabilities





KenFelix

NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
         o 
        /  \

No comments:

Post a Comment