Skip to main content
Solved

Building is part of another attribute in LDAP

  • December 12, 2014
  • 5 replies
  • 0 views
M
Forum|alt.badge.img+3

Hello,

I have an LDAP integration which is working fine but i am having problems filling the Building information.
Problem is that on my LDAP I don't have a field just for Building. It is actually the first 3 letters from a field called UserLocation.
For example:
User location is MNL 05K325 where MNL is the building.
Is there anyway I can trim it to fill in the Building information?

Best answer by davidacland

As long as there is a link between something else (such as the user or computer) in AD and the building field you will be able to use an extension attribute in its place. It would look something like this:

#!/bin/sh

building=$(dscl /Active Directory/DOMAINNAME/All Domains -read /Users/$USER Building | cut -c 1-4)

echo <result>$building</result>

exit 0

You will need to replace "DOMAINNAME" with your short domain name (NETBIOS name) and "Building" with the actual name of the attribute (it might be Building but I'm not completely sure).

You could then display it in the User and Location section in the inventory.

View original
    Did this topic help you find an answer to your question?

    5 replies

    D
    Forum|alt.badge.img+18
    • dgreening
    • Honored Contributor
    • 645 replies
    • December 12, 2014

    You can make an extension attribute which reads the value and cuts it down to the first 3 characters, then map the Building field in your LDAP mappings to the extension attribute.

    davidacland
    Forum|alt.badge.img+18
    • davidacland
    • Valued Contributor
    • 1811 replies
    • Answer
    • December 12, 2014

    As long as there is a link between something else (such as the user or computer) in AD and the building field you will be able to use an extension attribute in its place. It would look something like this:

    #!/bin/sh

building=$(dscl /Active Directory/DOMAINNAME/All Domains -read /Users/$USER Building | cut -c 1-4)

echo <result>$building</result>

exit 0

    You will need to replace "DOMAINNAME" with your short domain name (NETBIOS name) and "Building" with the actual name of the attribute (it might be Building but I'm not completely sure).

    You could then display it in the User and Location section in the inventory.

    M
    Forum|alt.badge.img+3
    • MSaraiva
    • Author
    • New Contributor
    • 2 replies
    • December 12, 2014

    Thank you so much.
    This is already very useful.

    Furthermore, is there anyway to actually link it with the Building in the AD mappings?

    davidacland
    Forum|alt.badge.img+18
    • davidacland
    • Valued Contributor
    • 1811 replies
    • December 12, 2014

    There is using the APIs. You would need to run it as a script on the client, save the output as an xml and then upload to the relevant field using curl.

    Have a look at https://yourjss.com:8443/api under Computers to see the xml format.

    An extension attribute is the "easy" route. The APIs would give you exactly what you want but will be a little trickier to write the script.

    bentoms
    Forum|alt.badge.img+35
    • bentoms
    • Legendary Contributor
    • 4331 replies
    • January 4, 2015

    @MSaraiva, another route would be to submit the user data via a script that amends the information as wanted.

    For example: https://macmule.com/2012/05/16/submit-user-information-from-ad-into-the-jss-at-login/

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings