Help

JSS Email Notifications for LDAP groups

Musgrove
New Contributor II

Posted on ‎09-01-2014 07:52 AM

Hi all.

We have set our JSS up to authenticate against our Active Directory, and use LDAP groups to authorise users' access to the Casper tools/ JSS, rather than individually adding each administrator as an LDAP user.

For the most part, this seems to work as expected - with the exception of email notifications. Whilst a user can configure the notifications they wish to receive in the normal manner - the notifications never arrive (tested using Restricted Software record). An SMTP server is correctly configured and tested (e.g., with Enrollment Invitations).

After some experimentation, I found that I could receive email notifications if I added an LDAP user account for myself using the default information mapped from the directory - but this seems to defeat the purpose of using the LDAP groups.

Has anyone successfully used email notifications with LDAP groups alone - am I missing something obvious?

Thanks in advance for your thoughts on this.

Jason Musgrove
IT Serivces, University of Wolverhampton

0 Kudos
Reply
5 REPLIES 5

CAG_1337
New Contributor

Posted on ‎02-14-2015 12:30 AM

I have no solution for you, but I am experiencing this very same issue. I just switched to LDAP groups I had been adding our admin staff in as LDAP users individually. I stopped getting any emails from Casper until I added myself back as an LDAP user. You are right, this seems to defeat the purpose of groups. Clearly a bug that JAMF needs to address.

0 Kudos
Reply

davidacland
Honored Contributor II

Posted on ‎02-14-2015 03:21 AM

Hi, I'm pretty sure that's how it works at the moment. There is an open feature request to add this functionality (https://jamfnation.jamfsoftware.com/featureRequest.html?id=915) but the JSS doesn't currently support email notifications for LDAP groups.

0 Kudos
Reply

CAG_1337
New Contributor

Posted on ‎02-14-2015 12:28 PM

Thanks. Good to know. The JSS is clearly reading that the mail attribute is present in the AD account when added through a group...the "Email Notifications" link shows up on the pull down menu when logged on with an AD account that has a mail attribute, and it doesn't when logged on with an account that doesn't have a mail attribute in AD. Why does it even let a person set these if it is not supported? Poor design! Frankly, it is downright laughable that this doesn't work and has to be considered a "feature request."

0 Kudos
Reply

qsodji
Contributor

Posted on ‎02-15-2015 10:44 AM

My work around is to create a local JSS user account and put in the email or mailing list.

0 Kudos
Reply

mks007-umg
New Contributor

Posted on ‎03-24-2017 08:27 AM

@qsodji what privilege do you setup up on the account

0 Kudos
Reply