So, You Want to Use JumpCloud Policies?

Written by Katie Osland on August 10, 2020

Share This Article

Do any of these sound like you?

  • You recently started using JumpCloud®, or you’ve been on the platform for some time, and just aren’t sure why you should use Policies. 
  • You are shifting to the cloud but have experience using Active Directory (AD) and are familiar with the breadth of Group Policy Objects (GPOs) available to your domain
  • You’re a longtime JumpCloud customer and are extremely well-versed in what Policies are available, and are excitedly awaiting more updates and enhancements. 

Maybe you don’t fit any of those descriptions — but there’s likely still something for all of you here. Maybe you’re not even sure where to begin and are managing Windows® devices for the first time.

Regardless of where you are in your JumpCloud journey, we’re implementing ways to help make your life easier and make remote work happen. Let’s take a step back and review what using Policies within JumpCloud means.

What are Policies in JumpCloud and Why Should You Use Them? 

Policies give you the power to configure specific settings to fit your needs for fleet control, select the system(s) and/or system groups where you’d like to enforce these configurations, and apply the Policy from your Administrator Portal. Most JumpCloud Policies work at the system level, however a few work additionally at the user level if the users are managed in JumpCloud, such as the Mac® Lock Screen Policy.

Policies are extremely useful if you have a set of configurations to apply across your fleet or a list of compliance standards you’d like to implement. Policies are applied to systems when they come online, and continuously checked to enforce the set configurations, to ensure that the systems you manage are in compliance.

You’ll find a number of Policies ready to be used for systems on Windows, Mac or Linux®. Where possible, we develop cross-OS Policies so that if you have a Policy that disables the use of some type of removable media in Windows, you can apply a similar Policy to Mac and Linux systems.

Policies give you the peace of mind that your entire fleet is configured consistently and securely. Admin needs differ per OS, and we constantly evaluate which Policies we can implement to make your job easier.

JumpCloud’s website updates when we add a new Policy into the Admin Console. You can sort by OS, name, or description to get a sense for what we offer at a more comprehensive level.

Policies for Every Level of JumpCloud Administrator

Beginners: 

When you start using JumpCloud, you may not be sure where to begin with Policies.

For this uncharted territory, it can be confusing to know which Policies to use and, in some cases, what they’ll actually do and when they’ll get applied to your fleet. To help minimize that confusion, your JumpCloud Admin Portal clarifies what’s happening, if there are any user actions needed, and which settings work on which version of the operating system your users have. Check out the Policy panel information as you search through which ones to add to your fleet!

Your Admin Console also provides Policy recommendations to make it easier to know where to begin. The first time you log into the Admin Console and head to the Policies page, you’ll see “Recommended Policies” and which OS is supported, along with an easy way to start configuring and applying them, at the top of the page. Here are a few of the most popular JumpCloud Policies that you’ll see: 

Don’t forget: Policies are nuanced. Make sure you take time to read the Policy panel details and associated Knowledge Base articles where applicable. There are often critical nuances across OS versions, especially for Windows. We add more detail to the most-used Policies to minimize the amount of time you need to think about the considerations.

Intermediate: 

Know the Policies you need to apply to your systems to maintain the security posture you desire? Great! Here are a few tips for when you’ve applied these Policies and want to ensure they’re working as expected:

  • Is the OS upgraded to the latest agent
  • Is the OS version supported
  • On Windows, did you check the PolicyConf to see if it updated after you applied the new Policy configurations to the system? (This file is found under the JumpCloud folder in Program Files.) 
  • Are any specific actions required per the Policy panel? Often Windows Policies require a device restart, or the user logging out and then back in again, for the Policy to apply. 
  • How long has it been since you applied the Policy? It can vary per Policy: some apply instantaneously, while others apply after gpupdate runs which can be approximately every 10 minutes. If you don’t immediately see a Policy in place, wait 10-15 minutes and then check back in.

Pro Tip: For Windows Policies, check out gpsearch for detailed information on OS version and some information on registry keys. 

Share any other pro tips you’ve learned along the way with us in the JumpCloud Lounge Slack workspace!

Advanced: 

Not finding a Policy you knew and loved from your AD GPO days? Have a .mobileconfig file you want to upload and enforce on your MDM-enrolled Mac systems? We give you the keys to the kingdom to modify the registry of your Windows systems or enforce specific profiles on your MDM-enrolled Macs.

Take note: These Policies are NOT for beginners. If you aren’t extremely comfortable with registry keys or .mobileconfig files and what settings should or should not be edited, we strongly recommend that you don’t use these Policies. If you do decide to give them a try, consider testing on a VM first to ensure you’re modifying the right keys or profiles and that these Policies will function as you expect.

Ready to Start Using Policies? 

No matter your experience level as a JumpCloud Admin, you can find the right place to start using Policies for the Windows, Mac, and Linux systems you manage. You can also learn more about Policies by watching this on-demand Office Hours episode where we cover using Policies and Commands in JumpCloud.

We would love to hear from you if there’s more we could do that would be helpful as you use JumpCloud Policies! Submit an idea through the Admin Console or come hang out with us on Slack in the JumpCloud Lounge Policies channel (#policies).

Continue Learning with our Newsletter