Posted on 11-26-2019 08:49 AM
I have certain ldap users I need to give access to more than one Site - and don't want to give access to all Sites.. I therefore created a Jamf Pro User Group (non ldap) and gave it specific permissions. The members tab is blank and shows no way to add members. Is there a way to add members?
Solved! Go to Solution.
Posted on 11-26-2019 02:56 PM
The solution is a bit of a kluge... I had our account admin team create another OKTA LDAP group (with the same members - new group name) and assigned it to the other site.
Posted on 11-26-2019 10:37 AM
@Lhsachs We provide each unique administrator — whose account exists in LDAP — access to multiple, specific Jamf Pro Sites by having multiple, unique LDAP groups and then assigning each unique LDAP group to a single Site.
So, in Jamf Pro, select …
Settings > System Settings > Jamf Pro User Accounts & Groups > New > Add LDAP Group
… search for the LDAP group and set its Access Level to "Site Access," select the appropriate Site and specify permissions.
Which administrator has access to which Sites is then controlled via LDAP group membership.
(You'll most likely want to upvote @Over9000's Clone JSS LDAP User Accounts & Group Permissions feature request, because it's painful when you have dozens of Sites.)
Posted on 11-26-2019 02:56 PM
The solution is a bit of a kluge... I had our account admin team create another OKTA LDAP group (with the same members - new group name) and assigned it to the other site.