Posted on 03-22-2012 07:09 AM
I see the Limit this policy... option when applying policies. I know it says users, but does this apply to AD computer groups as well or only user groups?
Posted on 03-22-2012 07:52 AM
Sounds like you're referring to the wording when creating a policy via the assistant, correct? If so, the wording I see is "limit the scope of this policy to specific user groups" and yes it only applies to User Groups, like AD groups, not Computer Groups. You'll need to use Smart or Static groups in the JSS if you need to limit it to those.
Someone correct me if I'm wrong about that.
Posted on 03-22-2012 07:56 AM
AD groups can be machine based as well and that's what I am referring to.
Posted on 03-22-2012 08:07 AM
TBH I have not tested it.
I assumed that it was based on the login passed to Self Service if you have logins enabled, which is how I use it, but I do not *KNOW*.
Try it and let us know! :D
Posted on 03-22-2012 08:08 AM
I was hoping someone had the answer so I wouldn't have to add this to my growing list of things to do :(
To be clear, I am actually trying to use this for MCX's. I noticed this "limit this policy to..." option and it accepts a machine group. Currently I am using an Extension Attribute I wrote to pull down the AD group.
Posted on 03-22-2012 08:11 AM
AD groups can be machine based as well and that's what I am referring to.
True, but my understanding of this feature was that it did not apply to machine groups, only user based. Again, I could be wrong, but that's how I understand it currently.
Posted on 03-22-2012 08:15 AM
Do I smell a Feature Request!
Posted on 03-22-2012 09:16 AM
Just spoke with JAMF and this is in fact User and User Group based only. This will not work for machine groups.
Posted on 03-22-2012 10:53 AM
Hey Matt,
Not sure exactly what you are trying to scope, but I am willing to bet a smart group based off an extension attribute could accomplish this. You want to scope to OD computer groups? Have you looked into that method yet?
Thanks,
Tom
Posted on 03-22-2012 11:16 AM
Yeah, for me it would be a Smart Group based on computer name which reflects the OUs in AD, but what he wants to do is an interesting question. ;)