I would like to include a user attribute from Active Directory to populate for my users. The attribute is not standard from other attributes collected by default from Jamf Pro. I would need the attribute to either show yes or no if the attribute is enabled. Does anyone have any insight how to implement this?
Page 1 / 1
I have done this for computer objects to see if the computer is a member of an AD group. Here is the extension attribute code:
#!/bin/sh
Computer_Name=$(hostname)
Machine_Domain=$(dscl /Active Directory/ -read . SubNodes | awk '{print $2}')
AD_Groups=`dscl "/Active Directory/$Machine_Domain/All Domains" -read "/Computers/$Computer_Name$" |grep memberOf`
if [[ "$AD_Groups" =~ "AD Group Name" ]]; then
echo "<result>Yes</result>"
else
echo "<result>No</result>"
fiYou can get the username and use something like dscl "domain" -read "/Users/<username>/<attribute>/"
Thank you! Would you know how to configure this for attributes with dial_in enabled?
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.