LDAP is working, and "assigned user" is correct.
Anyone know what might cause this error?
Question
"Error Calculating Policies in Scope" and "Check that your LDAP server is properly configured and accessible
+36+36UPDATE: It appears clearing the assigned user value fixes the error. We'll reach out to Jamf and shout back with our findings.
+1Guys
Any further update on this. we are aslo seeing similar issues. What is the resolution ? When I clear the user it works fine. But if I assign the user I get the same error.
+4I'm getting this issue too - remove the user and both Policies and Configuration Profiles can be re-calculated; assign the user and now both have this error.
+9I would be curious about this as well. We do have an old LDAP configured that has broken, but our newer one has been in place for more than a year. I am nervous to delete the old one (which is evidently currently not working) as I am not sure what else that will break. I did open a ticket with Jamf to try and find out though.
I know this thread is many years on, but hopefully this info will save someone some headache:
We had the same issue, and for us it was a matter of getting the group membership information pulling from the right place and ensuring that our LDAP search base(s) weren't too narrow to find the correct information.
We ended up switching the Membership Location field to pull group membership data from the "memberOf" field of the User Object, rather than the "member" field of the Group Object.
+1Hi @Portuguez, i have the same Problem, did you find Solution for it?
What solved it for us was adding the highlighted sections:
Prior to 10.33 is was working with different settings, but post 10.33 we changed the settings after working with JAMF Support. One issue was that we do not have just one all encompassing user group in our AD.
+1What solved it for us was adding the highlighted sections:
Prior to 10.33 is was working with different settings, but post 10.33 we changed the settings after working with JAMF Support. One issue was that we do not have just one all encompassing user group in our AD.
Please click on the image in my previous post as their are 3 images.
+1I know this thread is many years on, but hopefully this info will save someone some headache:
We had the same issue, and for us it was a matter of getting the group membership information pulling from the right place and ensuring that our LDAP search base(s) weren't too narrow to find the correct information.
We ended up switching the Membership Location field to pull group membership data from the "memberOf" field of the User Object, rather than the "member" field of the Group Object.
This contributed to solving my issue as well.
+2This thread solved a similar issue for us too! We had this error under Config Profiles though, not Policies. The one addition I can make:
We are using JumpCloud for LDAP. When switching User Group Membership Mappings from Group Object - member to User Object - memberOf I also had to check the box to use distinguished names of user groups.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.