Active Directory group to manage JamF

supportpcm
New Contributor

Good day,

Is it possible to manage JamF Cloud based on the member of an Active Directory group?
I've added a AD group in the "JamF Cloud User and group" but when i try to log in with a user that is a member of that group, it refuses the connexion.
On the other hand, if I add a user in the "JamF Cloud User and group", the connexion works.

I noticed that when looking at the AD group in Jamf, it shows "NA" in the groupe membership field... don't know if it's relevant.

2 REPLIES 2

talkingmoose
Moderator
Moderator

Yes, it's possible.

In your LDAP Server settings look for the Test button at the bottom and click that. Use this to determine if Jamf Pro is able to find the user, the LDAP group and test whether it thinks the user is a member of the group. If something fails, you may need to correct your settings.

The N/A under Members is normal for an LDAP group. Jamf Pro doesn't know the number of members in an LDAP group. It only looks up whether a user is a member of the group at the time it needs to.

supportpcm
New Contributor

I was missing the following in the "User group membership mapping".
User mapping attribute : member
Checked use distinguished name.

Thank you for your help