LDAP & User Initiated Enrollment

mlambert
New Contributor III

Have a few systems in our environment that are not in DEP so using the user initiated enrollment.

A couple of our config profiles are using variables from the user & location fields ($USERNAME and $EMAIL) and we're seeing that not every system is getting that data assigned properly when they go through this.

Is there any easy way to make sure that an approved LDAP user gets assigned and it queries LDAP and the info we need?

2 REPLIES 2

sdagley
Esteemed Contributor II

@mlambert Does the Username of the account created by Setup Assistant match an LDAP ID for the user? If so, it should populate the User info for the Computer record from LDAP. That said, I'm seeing some DEP enabled Macs where the post setup 'jamf recon' fails to update the user info in Jamf Pro, and on machines that exhibit that failure even a 'jamf recon -userID <LDAP_ID>' won't get Jamf Pro to populate the User info for the computer record. I have a case open with Jamf Support on this issue, but haven't seen any traction on it yet.

mlambert
New Contributor III

@sdagley Yeah, I think the issue comes down more to, if they don't enter a proper ldap user name and just leave the assign to field blank, it causes issues