cancel
Showing results for 
Search instead for 
Did you mean: 

The magical command trigger webhook

shawnsong
Rising Star II
Rising Star II

Inspired by @JuergenKlaassen 's latest post for Local Admin management - to secure the local admin with an unique and ephemeral password, we can take this a step further by using the the cmd trigger webhook, to pass in "parameters" as the environment variable for the cmd to run, completely invisible to anyone, and leave no trace behind.

So you can follow this guide to setup the cmd trigger and webhook. 

And pass in the variables by simply making a POST call: 

shawnsong_0-1666262301806.png

in my case above, i wanted to pass in the administrator account name for creation, and eventually i wanted to have the password delivered in a Slack channel.

Once the cmd successful ran on a windows box, i got this:

shawnsong_1-1666262472810.png

Tested login, all good! 

You can find the forked version from Juergen's script here if you want give it a go.

This capability opens a door to the infinite world of possibilities - imagine you can have multiple cmd triggers like modules can be called and pass data with each other 🚀

Happy automating with JumpCloud!

3 REPLIES 3

steven
Rising Star III

Ah this is fantastic! We have a non-jc controlled "sysadmin" account that has full sudo privileges to the servers, but we randomly generate the passwords when creating and storing them in our internal asset tracking system. We've set it so that our COO, Jr. SysAdmin and myself can request the password whenever we need it. Then after 24 hours it connects to the server using the saved password and generates another random one. Having this hook to also alert our systems slack channel will be handy so we have an audit log of who and when they requested it!

shawnsong
Rising Star II
Rising Star II

Yep, and for what it worth, if you can pipe the randomly gened pw as the parameters pass in to the hook, actually you will able to keep the pw clear text trace clean - wont show up in cmd results, or leave on the server etc. 😉

LOVE, Thank you!

You Might Like

New to the site? Take a look at these additional resources:

Community created scripts:

Our new Radical Admin blog:

Keep up with Product News:

Read our community guidelines

Ready to join us? You can register here.