Help Center Home > Devices > Use Windows and Linux Security Commands

Use Windows and Linux Security Commands

JumpCloud provides Windows and Linux security commands that allow devices to remotely execute management commands.

Tip:

Looking for macOS security commands? See MDM Commands.

Device management uses the following basic process:

  1. The server sends out a push notification to the device.
  2. The device polls the server for a command in response to the push notification.
  3. The device performs the command.
  4. The device contacts the server to report the result of the last command and to request the next command.

Note: If the admin issues a command while the device is offline, the command will not expire and will remain in the queued state until the device comes back online.

Prerequisites

Considerations

  • Consider creating system backups before modifying or eliminating a device.
  • There is a known limitation on Linux Mint 21 Cinnamon devices that prevents IT Admins from enabling the lock device security command successfully.

Tip:

Security Commands can now be executed directly from the Devices list using the Action menu.

Locking a Device

This feature remotely locks the screen for the device. The user can unlock the device by logging back in.

To lock a device:

  1. Log in to the JumpCloud Admin Portal.
  2. Go to DEVICE MANAGEMENT > Devices.
  3. Select a Windows or Linux device to view from the devices list.
  4. Locate the Security Commands on the left.
  5. Click lock device.
  6. Click yes, lock to confirm that you want to remotely lock the device. Any bound users will be able to unlock the device by logging back in. The user’s session resumes when the user logs back in to the device. Any applications that were left open are intact when resumed.

Note:

The lock feature works on Linux systems that have a GUI.

Restarting a Device

Warning: When you send this command, the device restarts and any unsaved progress will be lost.

To restart a device:

  1. Log in to the JumpCloud Admin Portal.
  2. Go to DEVICE MANAGEMENT > Devices.
  3. Select a Windows or Linux device to view from the devices list.
  4. Locate the Security Commands on the left.
  5. Click restart device.
  6. You’re prompted to confirm that you want to remotely restart the device.
  7. Click yes, restart.
  8. The user’s device restarts after Windows or Linux displays a series of warning dialogs, giving the user a chance to save any work before the system restarts.

Note:

The JumpCloud agent may not detect quickly restarted devices, so the status may not change.

Shutting Down a Device

Warning:

When you send this command, the device shuts down and any unsaved progress will be lost.

To shut down a device:

  1. Log in to the JumpCloud Admin Portal.
  2. Go to DEVICE MANAGEMENT > Devices.
  3. Select a Windows or Linux device to view from the devices list.
  4. Locate the Security Commands on the left.
  5. Click shut down device.
  6. Click yes, shut down to confirm that you want to remotely shut down the device. The user’s device is shut down.

Note:

After you run the command, it takes 5-10 minutes for the device’s status to change in the JumpCloud Admin Portal.

Erasing a Device

Warning:

When you send this command, everything on the hard drive, including Windows or Linux software, all user accounts, and settings, is removed and can’t be recovered. The operating system is reset to its default state and settings.

Note:

If the Windows Recovery Environment (Windows RE) is disabled on Windows 10 or 11 client computer, the device cannot be erased. The RemoteWipe CSP requires Windows RE to function. For more information, see Microsoft's documentation.

To erase a device:

  1. Log in to the JumpCloud Admin Portal.
  2. Go to DEVICE MANAGEMENT > Devices.
  3. Select a Windows or Linux device to view from the devices list.
  4. Locate the Security Commands on the left.
  5. Click erase device.
  6. Click yes, erase to confirm that you want to remotely erase the device. The user’s device is erased.

Note:
  • After you run the command, it takes 5-10 minutes for the device’s status to change in the JumpCloud Admin Portal.
  • On some Linux devices:
    • Erasures may take up to several hours to complete for some hardware configurations. In these cases, the erase action may not return a response in the Admin Portal.
Back to Top

List IconIn this Article

Notebook IconLearn More

JumpCloud Agent Compatibility, System Requirements, and Impacts

Get Started: Commands

MDM Commands

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case