I made a pretty simple extension attribute script that lists the OU path of a computer bound to our AD:
#!/bin/sh
ad_computer_name="$(dsconfigad -show | grep "Computer Account" | awk '{print $4}' | rev | cut -c 2- | rev)"
ad_ou="$(ldapsearch -LLL -h *domain* -x -D *AD_Admin_Account@domain* -w '*password*' -b "DC=domain1,DC=domain2,DC=domain3,DC=domain4" "name=${ad_computer_name}" | grep -A1 "distinguishedName:" | tr -d '
')"
echo "<result>${ad_ou}</result>"
exit 0
I had previously used a similar script in a policy, which used the API to put the value into an extension attribute, and it worked pretty well. But I wanted to try out using a scripted Extension Attribute instead.
My problem is that the resulting EA for a computer will show up on multiple computers, instead of each having their own correct value. usually ones that check in right after each other will share the value of the first computer to check in. does the variable defined in the EA script carry over to the next computer that checks in?