Showing results for 
Search instead for 
Did you mean: 

Forum Posts

Commands for Critical Outlook/Exchange Privilege Escalation

It's been a minute since I posted about using JumpCloud Commands for security remediations. There's a particularly nasty zero day that's been actively exploited now that involves attackers obtaining an NTLM hash (Windows password) through Microsoft 3...

Screenshot 2023-03-15 at 4.11.28 PM.png
JCDavid by Rising Star III
  • 0 replies
  • 0 kudos

Crowdstrike Custom SAML app not (fully) working

Hi everyone, I've been trying to implement Crowdstrike's SSO following the documentation that can be found in Crowdstrike's portal, and it somewhat-works. Here's what I mean:After following the steps, when clicking on the app, I get re-directed to Cr...

TOTP for Admin Account Stopped Working

Last week I went to login as an Administrator account, only to find that my TOTP code was no longer working from my iOS Authenticator app. JumpCloud said the code was not valid. After a few login attempts, my admin account is now locked. Resetting th...

Some Fun with Azure AD and Intune

Friday was supposed to be an easy day off where I spent some time to help a friend set up the Microsoft Azure features that he was paying for (but not using). His firm takes client data seriously and needed my help. It was content to maximize the Mic...

JCDavid by Rising Star III
  • 0 replies
  • 1 kudos

Resolved! Giving Partial Admin Rights To Users

My company recently deployed jumpcloud for our endpoints and I was wondering if anyone knew of a way through jumpcloud to give partial admin rights to my users.  I do not want my users to reach out to me each time they need the admin password to add/...

blee145 by Novitiate I
  • 3 replies
  • 0 kudos

Session Timeout

There is some way to set session Timeout only for certain logins? I.e. user1 need to do an activity all night long, but I don't want to grant an session on entire Jumpcloud env. Att,

Windows Zero Days: Consider Mitigations Through Commands

Patch Tuesday has become Zero Day Tuesday ... there are six actively exploited vulnerabilities this week alone. It's not always possible to wait for a patch, or a patch may not be sufficient (recall PrintNightmare, Follina, and MSDT). There was a pra...

JCDavid by Rising Star III
  • 0 replies
  • 1 kudos

YouTrack SSO

So, I just configured SSO for YouTrack and it worked almost the first time.  The hardest part was getting the SHA256 fingerprint of the JumpCloud certificate.I followed the instructions here (

RNHurt by Novitiate II
  • 0 replies
  • 1 kudos

Admin locked out!

When I try to login as admin my OTP-code says; Verification code was invalid or already used.It does not work. If I try to reset my password I need also an OTP code. I'm locked out and have no clue how to solve this.

FB991 by Novitiate I
  • 1 replies
  • 0 kudos

How do you manage admin access to user accounts?

Hello Admins , How do you manage admin access rights in your organization. Since jumpcloud only offers choco package , how do you manage pushing software to employees? I am thinking to setup non admin user accounts so that we could improve security ,...

Full Disk Encryption is a No-Brainer

Yesterday, I was assembling some notes on the benefits of having Full Disk Encryption (FDE) being available across all Linux distros. I awoke to a high severity CVE concerning OpenSSL, which is generally used to secure communications on the (OSI) tra...

JCDavid by Rising Star III
  • 0 replies
  • 0 kudos

Brute Forcing a Domain Controller

This video was very enlightening. A great deal of information about your infrastructure can be obtained from a single vulnerable user. The demo used tools that are bundled with Kali Linux. A must see for Windows admins...[video]

JCDavid by Rising Star III
  • 0 replies
  • 0 kudos

Monitor JumpCloud with Datadog

Just saw this post from Datadog that allows you to monitor your JumpCloud environment using Datadog. I never got around to setting this up, only did SSO. Does anyone else use this?Monitor Your JumpCloud Directory With Datadog | Datadog (


Cyber Insurance Audits

An old colleague just told me:"we actually got audited by our cyber security insurance provider and they enforced us to have MFA on literally everything. Down to the switches. It was huge pain in the a**."Have any of you ever faced challenges related...

JCDavid by Rising Star III
  • 0 replies
  • 0 kudos

Passwordless Authentication, what does it mean?

Industry buzzword, or really necessary? Passwordless authentication is something that comes up a lot in the world of Identity and Access Management.  We all have difference of opinion in "true" password less authentication. What does it mean to you? ...

Stuff You Learn by Walking Around

A thread in an MSP Facebook group discussion that I read this morning surfaced a memory from a few years back. I served as an IT director at a manufacturing company, and it was my job to create a security program. One of the greatest lessons I learne...

JCDavid by Rising Star III
  • 8 replies
  • 2 kudos

User-Based Policies?

Hello,I've been keeping an eye on Jumpcloud's progress and have been wanting to switch our small company over to it from Active Directory for quite some time now. The problem is that our company has multiple users jumping on and off each of our PCs t...

Denver by Novitiate I
  • 2 replies
  • 0 kudos