Help

Building is part of another attribute in LDAP

Go to solution
MSaraiva
New Contributor

Posted on ‎12-12-2014 05:58 AM

Hello,

I have an LDAP integration which is working fine but i am having problems filling the Building information.
Problem is that on my LDAP I don't have a field just for Building. It is actually the first 3 letters from a field called UserLocation.
For example:
User location is MNL 05K325 where MNL is the building.
Is there anyway I can trim it to fill in the Building information?

0 Kudos
2 ACCEPTED SOLUTIONS

Go to solution
davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎12-12-2014 06:40 AM

As long as there is a link between something else (such as the user or computer) in AD and the building field you will be able to use an extension attribute in its place. It would look something like this:

#!/bin/sh

building=$(dscl /Active Directory/DOMAINNAME/All Domains -read /Users/$USER Building | cut -c 1-4)

echo <result>$building</result>

exit 0

You will need to replace "DOMAINNAME" with your short domain name (NETBIOS name) and "Building" with the actual name of the attribute (it might be Building but I'm not completely sure).

You could then display it in the User and Location section in the inventory.

View solution in original post

0 Kudos

Go to solution
davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎12-12-2014 07:56 AM

There is using the APIs. You would need to run it as a script on the client, save the output as an xml and then upload to the relevant field using curl.

Have a look at https://yourjss.com:8443/api under Computers to see the xml format.

An extension attribute is the "easy" route. The APIs would give you exactly what you want but will be a little trickier to write the script.

View solution in original post

0 Kudos
5 REPLIES 5

Go to solution
dgreening
Valued Contributor II

Posted on ‎12-12-2014 06:36 AM

You can make an extension attribute which reads the value and cuts it down to the first 3 characters, then map the Building field in your LDAP mappings to the extension attribute.

0 Kudos

Go to solution
davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎12-12-2014 06:40 AM

As long as there is a link between something else (such as the user or computer) in AD and the building field you will be able to use an extension attribute in its place. It would look something like this:

#!/bin/sh

building=$(dscl /Active Directory/DOMAINNAME/All Domains -read /Users/$USER Building | cut -c 1-4)

echo <result>$building</result>

exit 0

You will need to replace "DOMAINNAME" with your short domain name (NETBIOS name) and "Building" with the actual name of the attribute (it might be Building but I'm not completely sure).

You could then display it in the User and Location section in the inventory.

0 Kudos

Go to solution
MSaraiva
New Contributor

Posted on ‎12-12-2014 07:38 AM

Thank you so much.
This is already very useful.

Furthermore, is there anyway to actually link it with the Building in the AD mappings?

0 Kudos

Go to solution
davidacland
Honored Contributor II
Honored Contributor II

Posted on ‎12-12-2014 07:56 AM

There is using the APIs. You would need to run it as a script on the client, save the output as an xml and then upload to the relevant field using curl.

Have a look at https://yourjss.com:8443/api under Computers to see the xml format.

An extension attribute is the "easy" route. The APIs would give you exactly what you want but will be a little trickier to write the script.

0 Kudos

Go to solution
bentoms
Release Candidate Programs Tester

Posted on ‎01-04-2015 11:13 AM

@MSaraiva, another route would be to submit the user data via a script that amends the information as wanted.

For example: https://macmule.com/2012/05/16/submit-user-information-from-ad-into-the-jss-at-login/

0 Kudos