Skip to main content
Question

Create Smart Group based on LDAP field

M
Forum|alt.badge.img+2

Hi,

Complete JAMF newbie here.

Is there anyway we can create a SMART group based on a users OFFICE location in Active Directory?

Basically we want to be able to create policies that ONLY apply to certain offices

Thanks

    2 replies

    R
    Forum|alt.badge.img+13
    • robii
    • Contributor
    • 14 replies
    • November 21, 2018

    Create an Extension Attribute that is mapped to the users Location LDAP attribute and the crate a Smart Group with that new Extension Attribute as the criteria.

    M
    Forum|alt.badge.img+2
    • MarkISC
    • Author
    • New Contributor
    • 1 reply
    • November 28, 2018

    Thanks,

    Ive written a very simple script that gets the OU and used it Extension Attributes under Computer Management

    !/bin/sh

    CompName=$(dsconfigad -show | awk '/Computer Account/{print $NF}' | sed 's/$$//') OU=$(dscl "/Active Directory/XXXXXXXXX/All Domains" read /Computers/${CompName}$ dsAttrTypeNative:distinguishedName | tail -1 | awk -F"${CompName}," '{print $2}')
    echo "<result>$OU</result>"

    Ive tested this script on a few Macs and it gives me the result im after. eg the output looks like

    <result>OU=Computers,OU=China,DC=XXXXXXXX,DC=XXXXX</result>

    BUT, when i create a Smart group that the critian is "OU=Computers,OU=China,DC=XXXXXXXX,DC=XXXXX" NO computers appear int the list. There should be at least three.

    Is there something im missing?

    Thanks

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings