I'm looking for an LDAP sync solution.
I need to detect changes on AD accounts without relying on a device inventory update. One reason for this is that we need to detect accounts that belonged to school leavers. If they have already wiped the device it won't check in and sync with LDAP anymore.
Other MDM's auto-sync with AD every 12 hours or so. Since Jamf doesn't do this, is there a script that can be run to do it? I can then schedule this to run on a set interval each day.