Skip to main content
Skip table of contents

Configuring a Jump Server

Before account secrets (also referred to as "secrets") can be created and used to access the required accounts on the associated remote computers, a Client with either a Workstation license or a Terminal Server license needs to be configured as a jump server (via which users who have the appropriate permissions will be able to use the secrets to access the associated accounts by way of Ekran System Connection Manager). 

Make sure the Client computer that is to be used as the jump server has the following components installed and configured:

• .NET Framework 4.8

• Microsoft Visual C++ 2015 Redistributable: Download Visual C++ Redistributable for Visual Studio 2015 from Official Microsoft Download Center

NOTE: For correct operation of the jump server, it is recommended to use a Server OS.

To configure the Windows Client computer that will be used as the jump server (i.e. the computer with the Ekran System Connection Manager), do the following:

1. Log in to the Management Tool as a user with the Client Configuration Management permission for Clients.

2. Click the Client Management navigation link (on the left).

3. On the Client Management page that opens, find the Client that will be used as the jump server, and click its name in the Client Name column.

NOTE: To find specific Clients, the Search box and filters at the top of the Client Management page can be used.

4. On the Editing Client page, on the Properties tab, in the Client Properties section (at the top), make sure that either a Workstation license or a Terminal Server license is assigned to the Client.

5. Scroll down to the Client Mode section, and do the following:

• Select the Enable Jump Server mode checkbox.

NOTE: For the jump server to function correctly, it is recommended to use a server operating system.

• Select the Replace Windows Shell with Ekran System Connection Manager checkbox if you want to only display the Ekran System Connection Manager popup window to users (i.e. without the jump server's desktop).



6. To allow the Client to be assigned to secrets, select the Authentication Options tab, and scroll down to the Two-Factor and Secondary Authentication section, then select the Enable secondary user authentication on login checkbox.

NOTE: It is not required to enable secondary user authentication for Active Directory users.


7. Click the Finish button (in the bottom right of the page).

8. The Client as then configured as the jump server (from which users will access the account secrets by using Ekran System Connection Manager).

JavaScript errors detected

Please note, these errors can depend on your browser setup.

If this problem persists, please contact our support.