- Jamf Nation Community
- Products
- Jamf Pro
- Help bulkenrolling AD users into AD groups in orde...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Help bulkenrolling AD users into AD groups in order to facilitate the assignment of VPP licenses and apps
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-30-2014 12:59 PM
Hey all,
In about a month I have about 1000 students coming back to school, eager to get their new iPad Airs. The teachers here are excited about the iPads as well, and I know this because I have over 300 free apps and 100 paid apps to distribute on a class-by-class basis. I could just throw the freebies up in self service, but this will not work with the paid apps in the new managed distribution VPP system.
I was advised by a JAMF engineer not to use 100s of smartgroups to handle all the license and app assignments, so I would like to use LDAP groups to scope instead. All students are already in AD, but I would need to bulk enroll them in security groups for each of their classes, preferably via XLS or CSV.
I'm looking for advice on an AD tool I can use to handle the bulk enrollment of a thousand students in hundreds of groups. If the tool would be able to unenroll the students from the groups at the end of the year and semester, that would be a huge plus. We would only use the tool for this purpose, so spending $1,000 on it is not an option. In my research I have seen a few tools that sound like they could work, but I'd like to pick one based on a personal recommendation.
Any guidance would be appreciated!
2 REPLIES 2
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 07-31-2014 05:51 AM
Have a look at this;
https://github.com/JAMFSupport/API_Scripts/blob/master/createUserFromCSV.sh
That script can import user accounts from a csv into Casper's user database. The good news is that it doesn't cost $1000.00. There's currently no way to import security groups from AD into Casper's user database (that I know of.) And you'll still have to associate a device with a student. Are you going to be working with the Device Enrollment Program?
How are you handling the VPP invitation process for your students?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 08-01-2014 06:17 AM
Thanks @psliequ, but I'm not sure if that would help us. The user accounts are created automatically during the setup and activation process (we use DEP requiring LDAP authentication, so AD is linked to user accounts from the start). Right now, VPP invitations are done via an AppleID password prompt immediately after the device activation process (via DEP) concludes. Additionally, while VPP licenses are assigned to users, apps are pushed based on devices, so there's that....
I'm not trying to import the security groups into Casper, I just want to scope the licenses and apps based on LDAP user group. I'm already using this feature to assign all the apps and licenses to teachers, based on their membership in the "staff" group in AD. The great thing about scoping based on LDAP group is that both licenses and apps can be done this way, no need to create a set of user groups AND device groups to handle each piece of the puzzle.
What I'm really looking for here, is an AD tool that can handle the bulk enrollment of users in security groups, based off of a csv or spreadsheet (that I will export from our Student Information System). Who's an AD expert?
