If you don't want JumpCloud to manage a device, remove the following components:
- The device's record from the Admin Portal.
- The agent from the local device.
- Any JumpCloud policies on the local device.
If a device is active, all of these components are automatically removed for you. You can find the status of a device in the Admin Portal in the Devices list. Depending on the device status, the agent's components are uninstalled in the following ways:
Component Uninstall Based on Device Status
Status | Device Record | Agent | Policies |
---|---|---|---|
Active, System Reporting | Removed | Removed | Removed |
Inactive, System Not Reporting | Removed | Not removed | Not removed |
- If the device has a status of Active, System Reporting when it's deleted from the Admin Portal, the device's record, the JumpCloud agent, and policies are automatically removed.
- If the device has a status of Inactive, System Not Reporting when it's deleted from the Admin Portal, only the device's record is removed. To complete the uninstall process, you need to log on to that device and manually remove the agent and policies.
There are two methods to uninstall the agent:
Both of these tools can uninstall all agent components from Mac, Windows, and Linux devices.
Considerations:
- In rare cases, policies aren't removed automatically from Windows devices. If this happens, you can manually remove Windows policies.
- Uninstalling the agent from a device should be used as a last resort if the device is no longer online or communicating with JumpCloud.
Using the Admin Portal to Uninstall the Agent
When you remove the agent from a device, all associated policies, files, and directories are also removed. See the complete list in Agent Compatibility, System Requirements, and Impacts.
Considerations:
- If you log on to a device and manually remove the agent first, a record remains in the Admin Portal. You can use these steps to remove only the device record if the device has a status of Inactive, System Not Reporting.
To uninstall the agent from the Admin Portal:
- Log in to the Admin Portal: https://console.jumpcloud.com.
- Go to Device Management > Devices.
- Select the device you want to stop managing. To uninstall all JumpCloud components associated with the device, make sure it has a status of Active, System Reporting.
- Click delete.
The device's record is removed from the Admin Portal.
- If the device has a status of Active, System Reporting when it's deleted from the Admin Portal, the JumpCloud agent and policies are also automatically removed.
- If the device has a status of Inactive, System Not Reporting when it's deleted from the Admin Portal, you need to log in to that device and manually remove the agent and policies.
- It can take up to two minutes for the agent and all associated files to be uninstalled from the local device.
Best Practice:
If you're removing the agent from a Windows device, verify the JumpCloud policies have been removed by running this command as administrator:
gpresult /Scope Computer /v
If they remain, you need to manually remove policies from the Windows device.
Using the JumpCloud API to Uninstall the Agent
Follow these steps to run a curl command to access the JumpCloud API and uninstall the agent. The JumpCloud API allows interaction with JumpCloud resources such as commands, devices, and users.
Considerations:
- Deleting a device through the JumpCloud API can take up to a minute to complete.
- When you remove the agent from a device, all associated policies, files, and directories are also removed. See the complete list in the Agent Compatibility, System Requirements, and Impacts article.
- If you log on to a device and manually remove the agent first, a record remains in the Admin Portal. You can use these steps to remove only the system record if the system has a status of Inactive, System Not Reporting.
To uninstall the agent from the Admin Portal:
- Review the API documentation to determine, based on your type of integration, which version of the JumpCloud API to use.
- Use the following sample request, replacing SystemID and API_KEY with the values specific to the device you want to stop managing. For definitions of keys, path parameters, and headers, review the API documentation for Delete command.
curl -X DELETE https://console.jumpcloud.com/api/systems/{SystemID} \
-H 'Accept: application/json' \
-H 'Content-Type: application/json' \
-H 'x-api-key: {API_KEY}'
When the command completes successfully, the system's record is removed from the Admin Portal.
- If the device has a status of Active, System Reporting when it's deleted from the Admin Portal, the JumpCloud agent and policies are also automatically removed.
- If the device has a status of Inactive, System Not Reporting when it's deleted from the Admin Portal, you need to log on to that system and manually remove the agent and policies.
Best Practice:
- If you're removing the agent from a Windows device, verify the JumpCloud policies have been removed by running this command as administrator:
gpresult /Scope Computer /v
If they remain, you must manually remove policies from the Windows devices.
Manually Remove the Agent from an Inactive Device
You should use these steps only if you want to uninstall the agent from a device that has a status of Inactive, System Not Reporting in the Admin Portal.
Considerations:
- If the device has a status of Active, System Reporting, you should remove all agent components automatically using either the Admin Portal or the JumpCloud API.
- If you log on to a device and manually remove the agent first, a record remains in the Admin Portal. You also need to remove the record using either the Admin Portal or the JumpCloud API.
To manually remove the agent:
Use the steps in the following table for the OS on your system.
OS | Uninstall Steps | Notes |
---|---|---|
Mac |
|
You need an administrator password to run the sudo command. |
Windows |
|
For specific files, directories, and registry keys modified by the Windows Agent, see Changes Made to Your Windows Device During Installation.
|
Debian/Ubuntu |
|
- |
Amazon/CentOS/RHEL |
|
- |
Manually Remove JumpCloud Policies from a Windows Device
Follow these steps only after you have uninstalled the agent. If the JumpCloud policies weren't automatically removed, you can manually remove them from the Windows device.
When you clear the device's local Group Policy cache, you're removing not only JumpCloud policies, but all other policies that have been applied, including Windows User and Group policies.
In these steps, you'll use the secedit command to clear the system's local Group Policy cache. The secedit command lets you configure the current device's security settings stored in a database.
To remove JumpCloud policies from a Windows device:
- Log on to the device as an administrator.
- Verify JumpCloud policies are removed after an uninstallation by running this command:
gpresult /Scope Computer /v
- If group policies are listed, open a PowerShell terminal.
- At the prompt, type this command:
secedit /configure /cfg $env:windir\inf\defltbase.inf /db defltbase.sdb /verbose
Remove-Item $env:windir\System32\GroupPolicyUsers
Remove-Item $env:windir\System32\GroupPolicy
gpupdate /force
- After you run this command, you need to reapply any Windows User and Group policies that are required by your organization.
Device Status After Removing JumpCloud
When you remove JumpCloud from a device, either by deleting the device in the Admin Portal, or by manually removing the agent from the system, the following will occur:
- The JumpCloud agent will be removed from the system.
- All users on the system will remain unaffected regardless of whether they were provisioned by JumpCloud or were pre-existing and taken over by JumpCloud.
- All user data and permissions on the system remain as is.
- Any commands set up to run on that system via JumpCloud Commands will no longer run, regardless of how those commands are launched (this means you'll need to move any scheduled commands manually in cron or another scheduling tool).
Your Data In JumpCloud
- Your account will remain intact, should you wish to use JumpCloud in the future.
- Any undeleted devices that go offline without being removed from the JumpCloud Admin Portal will remain in the Portal indefinitely, or until JumpCloud chooses to delete them.