Discovering Unmanaged Accounts (Discover Accounts)

JumpServer can automatically detect unmanaged accounts on target systems — accounts that were not added to the list of known accounts in the JumpServer interface.

A discovered account can be automatically added to the list of managed accounts with an automatic password change, or it can be removed from the target system.

Why Is Account Discovery Necessary?

Unmanaged accounts pose a significant security risk and can be exploited by attackers.

An unmanaged account may:

have been created temporarily “for testing,” with a weak or default password;
have been created by a former employee or contractor, possibly without authorization;
have no clear ownership or usage history (and may not be used at all).

Configuring Account Discovery

Any actions on target systems (creating accounts or SSH keys, discovering accounts, changing passwords, or rotating SSH keys) are executed by JumpServer on behalf of a privileged account assigned to your asset. This account must be marked as “Privileged” in the account properties:

Additionally, in the platform settings, you must enable the Gather accounts enabled option (enabled by default):

Enabling Automatic Account Discovery

Go to PAM → Automation → Discover Accounts
Open the Account discovery tasks tab
Click Create
Fill in the required parameters:

Assets

Select one or several assets where account discovery will be performed.

Nodes

Select a folder containing assets. JumpServer will attempt to discover accounts on all assets inside the selected folder(s).

Sync to assets

ENABLED: JumpServer will add the discovered account to the managed account list and perform a password change
DISABLED: You will see the discovered accounts and manually choose whether to delete them from the target system or add them with a password change

Check risk

Discovered accounts will appear under PAM → Risk Detection marked as New found.

Periodic

Enable periodic execution of the account discovery task.

Click Submit to save the discovery task.

Running Account Discovery

To run a discovery task manually:

Go to PAM → Automation → Discover Accounts
Open the Account discovery tasks tab
Click Execute next to the desired discovery task
Wait for the process to complete

Discovered accounts will appear in
PAM → Automation → Discover Accounts → Discovered accounts:

Actions for Discovered Accounts

In the Status column, the following actions are available:

delete remote account — the account will be deleted from the target system
add account — add the account to the managed list without changing the password
add account after password changing — add the account with an automatic password change
ignore — ignore the discovered account

Getting Started Guide for JumpServer PoC

Installation JumpServer Enterprise Edition

Installation JumpServer Community Edition

JumpServer HA-cluster configuration

HAProxy configuration for JumpServer HA-cluster

Operation and Maintenance with command line jmsctl

JumpServer port discription

Installing SSL Certificates and Configuring HTTPS

Configuring Correct User IP Display When Using HAProxy Authentication

How to Save Transferred Files in JumpServer

Where Does JumpServer Store Copies of Files Transferred via SFTP and RDP?

How to Remove Passwords Entered by Users Inside SSH Sessions from the Logs

Syslog configuration

Configuring External Storage for Session Recordings in JumpServer

How to Set the Correct Date and Time in JumpServer?

RDP Session Video Compression: Configuring Video-Worker

Active Directory synchronization with AD groups

How to enable 2FA(TOTP) auth

Installing OpenSSH for account management for Windows

RemoteApp configuration for application publishing

Setting up Panda for application publishing(alternative to RemoteApp)

Changing the lifetime and reusability of connection tokens in JumpServer

How to configure access to asset web-interface, HTTP session configuration

Command filter configuration for SSH and database queries

How to connect to domain assets using a single domain account?

Automatic privilege escalation when connecting via SSH

Creating Accounts and SSH Keys on the Target System (Push Accounts)

Discovering Unmanaged Accounts (Discover Accounts)

Changing the Default Directory for SFTP Connections

Configuring Asset Discovery in Local Networks and Cloud Platforms

Connecting to Target Systems: All Possible Options

Opening RDP Sessions in Remote Desktop Manager (Devolutions)

Supported Database Types and Connection Methods

Installing, Configuring, and Using JumpServer Client

Connecting to Systems Using the SSH Selector in JumpServer

How to check system status and container logs

RemoteApp Troubleshooting

Custome Applet structure for RemoteApp

How to Write API Requests Using Cursor AI

Developing Custom Applications for Panda

Discovering Unmanaged Accounts (Discover Accounts)

Why Is Account Discovery Necessary?

Configuring Account Discovery

Enabling Automatic Account Discovery

Running Account Discovery

Actions for Discovered Accounts