Help

Configuration Profiles 10.7.4 Will Not Apply To Groups In Child Domain

LyndhurstSchool
New Contributor

Posted on ‎05-30-2012 01:51 PM

Hi all,

My colleague and I are new to the forums and Casper in general. We had our jump start last week, and since the new 8.52 release and the ability to run user login scripts, we are having a lot of success integrating our new macs into out existing active directory environment. We are running into a weird issue though with configuration profiles. For some reason on any of my child domain controllers the profile will not push to a user in the group. If the group is at the top of the forest it works every time. Policies that are scoped the same way with the same group run perfect every time with no issues. Any thoughts? We appreciate any help that you can offer. :)

0 Kudos
Reply
2 REPLIES 2

mm2270
Legendary Contributor III

Posted on ‎05-30-2012 02:05 PM

John, I don't know that we have enough information to guess, but just a question - how did you go about setting up your LDAP connections in the JSS during your JumpStart? Do you just have one, or multiple connections there? Is it possible you need to add in your child DCs? I really don't know how your AD environment is set up so that's a total guess.
Also, this may not be related, but if it isn't already enabled, try checking on "Use Recursive Group Lookups" located under the Mappings > Group Membership section of your LDAP Connection.

0 Kudos
Reply

LyndhurstSchool
New Contributor

Posted on ‎05-30-2012 02:23 PM

Thank you for your quick response! In the ldap section of the jss I have all my child domain controllers configured, and if I test them for group lookup, the test is right every time. I should mention that occasionally the profile will work but then a few minutes later ir breaks again only for groups hosted on child DCs. Polices using these groups apply without any problems and I can also log in with users in the child domain without issue. It is to say the least mind boggling.

0 Kudos
Reply