LDAP Extension Attribute

boberito
Valued Contributor

I've added an Extension Attribute, set it to Data Type String...Input Type LDAP Mapping. We have our JamfPro connected to AD, all the mapped attributes under LDAP Servers works, testing under LDAP Servers works.

And anyway the EA is always showing as blank.

I'm not even sure where to look log wise. I'm guessing this should populate when a recon is triggered. But I don't know.

I'm not sure if I need more than just the LDAP Attribute Name or what.

10 REPLIES 10

KMerendaTFMC
New Contributor III

I've got the same problem. Did you find a solution?

robii
New Contributor III

Here is a sample of an extension attribute I use. I simple put in the LDAP attribute name and once the device (in this case an iPad) does an inventory update the field is populated. One caveat is that if field is populated and then for some reason you completely delete that LDAP attribute, it never deletes the value from the extension attribute. It will retain the last value it received when the LDAP attribute existed.

0420691e4bd045e09fe5aedb22212731

KMerendaTFMC
New Contributor III

Thanks for the reply. I'm trying to map UserPrincipalName but it never pulls the value. Oddly, I was able to use the LDAP user mappings and assign UserPrincipalName to the ROOM property and that works.

robii
New Contributor III

Is that value actually available to read for the user you are using in Jamf Pro? I am using OpenLDAP and I know some LDAP attributes are not able to be read by the user I use when connecting from Jamf to LDAP.

KMerendaTFMC
New Contributor III

Yes. As I mentioned, I have it mapped as an extension attribute and as the ROOM property for the user. The value loads for ROOM, but not for the extension attribute.

boberito
Valued Contributor

I believe circling back to this I had to go to Inventory Collection under Computer Management and enable "Collect user and location information from LDAP"

KMerendaTFMC
New Contributor III

You're absolutely right. I had a case open with support, and they advised me to go to Device Management > Inventory Collection and make sure Collect User and Location Information from LDAP is checked. I did that, ran inventory updated, and the attributes populated.

boberito
Valued Contributor

BOOYA!

fernando_gonzal
Contributor

@robii I have my Jamf instance connected to our LDAP source but I can't seem to get the option to choose LDAP Attribute Mapping in Extension Attributes.

Is there something I am missing?

40c22a4eafe046349bb920ed92d5a54c

sdagley
Honored Contributor III

@fernando.gonzalez You have to enable "Collect user and location information from LDAP" under Settings->Computer Management - Management Framework->Inventory Collection before the option to use LDAP Attribute Mapping is enabled for an EA's Input Type