A template or system image can be used to efficiently set up multiple devices that include the JumpCloud agent and are all configured exactly the same way. This uniformity is helpful when troubleshooting technical issues.
After you customize the OS, applications, drivers, and settings on a single computer (the imaging host), pre-install the JumpCloud agent before creating the image and deploying it to other computers.
Any device deployed from the template or image has a unique device record in your JumpCloud organization.
Considerations:
- Pre-installing the agent on a template or image doesn’t create any JumpCloud user account associations. You must associate users with devices after the unique device record is created because the template isn’t a unique record. You can automate user associations with JumpCloud’s API.
Do not reboot the device or restart the agent after removing the files in Step 4 of the following procedure. The agent is configured to start on boot. When the agent starts, it recreates the files and creates a unique device record in your organization. Deploying from an image with certificates and configuration files in place results in duplicate device records.
To pre-install the agent on a template or system image:
- Before proceeding with installing the agent on a Windows imaging host, ensure that you do not have automatic enrollment enabled on Windows 10 & 11 devices:
- Log in to the JumpCloud Admin Portal.
- Go to DEVICE MANAGEMENT > MDM.
- Click the Windows tab.
- Ensure that the Automatically enroll all Windows 10 & 11 devices into Windows MDM checkbox is disabled.
After you have completed creating or updating the system image, you can re-enable this option.
- On the imaging host, install the agent from the Admin Portal or the command line.
- Stop the agent on the imaging host in one of the following ways:
- Windows:
sc stop jumpcloud-agent
- Linux:
service jcagent stop
- For newer Linux devices with systemd, you can also use
systemctl: systmctl stop jcagent
- For newer Linux devices with systemd, you can also use
- Windows:
- Remove the following files: ca.crt, client.crt client.key, and jcagent.conf.
- Use one of these methods to remove the files:
- Windows – Open the following folder and remove the files:
C:\Program Files\JumpCloud\Plugins\Contrib
- Linux – Run the following command:
sudo rm -f /opt/jc/ca.crt /opt/jc/client.crt /opt/jc/client.key /opt/jc/jcagent.conf
- Windows – Open the following folder and remove the files:
- Use one of these methods to remove the files:
- Remove the device record created for this template in the Admin Portal, otherwise this device is orphaned. All operating systems use these steps: (You can also use the JumpCloud API.)
- Log in to the JumpCloud Admin Portal.
- Go to DEVICE MANAGEMENT > Devices.
- Select the checkbox next to the imaging host.
- Click delete.
- Configure the template or image to set unique network parameters such as hostname, IP, MAC, before the agent starts. This forces the agent to use the details for the specific device when it checks in with JumpCloud rather than using those assigned to the template.
- Without rebooting the imaging host, create the template or image.
- Associate users with devices in the Admin Portal or JumpCloud API.
- Admin Portal:
- Log in to the JumpCloud Admin Portal.
- Go to DEVICE MANAGEMENT > Devices.
- Select a device.
- Select the Users tab.
- Select the checkbox for the user’s account.
- Click save device.
- JumpCloud API:
- Use the following endpoint:
POST
/users/{user_id}/associations - See JumpCloud API Users documentation.
- Use the following endpoint:
- Admin Portal: