Skip to main content
Question

Computer AD Group membership JSS LDAP lookups

  • October 29, 2014
  • 5 replies
  • 49 views
T
Forum|alt.badge.img+21

Is it possible for the JSS to also do computers AD group membership LDAP lookups not just the users AD group membership?

For example

Bob has access in Self Service to install Photoshop because he is part of the AD group Photoshop

There is nothing preventing Bob going around all the computers in the building and installing Photoshop for his mates.

The ideal solution is to also assign Bobs computer also to the AD group Photoshop and scope a computer smart group based on the computers group membership.

(Also have to deal with multiple AD plugins so extension attributes are out of the question)

    5 replies

    T
    Forum|alt.badge.img+21
    • tkimpton
    • Author
    • Honored Contributor
    • October 29, 2014

    please also keep in mind i know smart & static computers groups etc and that is not what i want.

    need JSS also doing Computer group membership LDAP lookups

    W
    Forum|alt.badge.img+8
    • wyip
    • New Contributor
    • March 6, 2015

    Did you ever try this out to see what happens? It looks like currently the JSS only honors LDAP User Groups but I haven't tried it yet. We're in a similar situation as what you described and want to manage this via LDAP Computer Groups in AD, and not static groups in Casper. Sounds like this might need to be a feature request.

    davidacland
    Forum|alt.badge.img+18
    • davidacland
    • Valued Contributor
    • March 7, 2015

    That is a current feature request. Its under review so probably worth voting up: https://jamfnation.jamfsoftware.com/featureRequest.html?id=1063
    You could replicate the feature with extension attributes to determine which OUs or groups the computers are in and have that filter down to smart groups in Casper, but it would be tedious and slow.

    G
    Forum|alt.badge.img+9
    • GaToRAiD
    • Contributor
    • March 9, 2015

    @tkimpton I have create a tool to do just this in JSS. Currently it is designed for user groups, but can be easily modified for computer groups. Let me know if this is something you would be interested in.

    L
    Forum|alt.badge.img+5
    • Lotusshaney
    • Contributor
    • September 21, 2015

    @GaToRAiD Any chance you can post the tool up ? Thanks

    Terms & ConditionsCookie settingsAccessibility statement