JumpCloud now has an agents for; linux , macosx and windows. My experience is based around the linux OS, but in this demo I will show the process for a MACOSX on my laptop. Functionally the concept are mutually the same.
1st you need to install the agent on the system that we want to control. This is a simple installer that use a limited space and is highly effective.
https://support.jumpcloud.com/customer/portal/articles/2441026--windows-os-x-downloading-jumpcloud-agent-from-command-line
The sagent once install, and activated with your unique registration key , will now show up in your portal.
Here you can bound user(s) to a system(s). Take the follow visio as a possible deployment method for a group of LAMP servers.
From a single jumpcloud portal. I could assign user(s) to each server without sys administration of the servers directly. These systems could be anywhere in any DC, virtual or real.
This means in a nutshell; " we can create or delete user(s)" in just meer seconds or minutes, and never have to login into the server(s) to add or delete the accounts "
Great if you have a new sysAdmin who's onboarding, or a recent end-user termination.
1st we install the JCagent on the related systems;
Part of the agent install is to pipe in the registration key that's unique to your portal
Once the agent is up and have callhome into JumpCloud, you will see the systems details.
Under the mac and linux you will find a unix-proc that;s running and the conf file for the systems values are held here
Now we create the JumpCloud user in the portal
And finally bind the user(s) to the systems
You can still manage local accounts with the agent installed
From now on, we can monitor the JCagentlog file & in the macosx system preferenec > Users we can find these new users added to the system.
You will find that accounts are add/delete in meer seconds for the most part after you bind them to the system.
If you delete a user account the logs will show the following
Yes sir, it's really that simple. To give you a example. I spent more time post these screenshot and writing this blog than doing the administrator work of creating and deleting the users in this example
:)
JumpCloud's LDAP-aaS and the many other offerings, is a great means for controlling users and provides a solid based for system-access and IAM.
All JumpCloud agent communication is done over tcp to the jumpcloud instance stroked in AWcompute-1.amazonaws.com
Read this for proxy setup & if you have a localize http-proxy. I believe most transparent proxies will break the agent capabilities
KenFelix
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \
No comments:
Post a Comment