Help

Mapping Custom Attributes from Google Workspace into Jamf Pro

ReidCoCam
New Contributor

Posted on ‎03-19-2024 01:26 PM

Hello.

Does anyone have any experience mapping custom attributes from Google Workspace into Jamf Pro. We are using Google Workspace as our Cloud Identity Provider, and I am trying to sync a custom attribute from Google to populate into the "Department" field in the Mappings editor.

I've tried just about every combination of attributes I can think of to try and get the data to pull across correctly, but nothing is working. For reference, the exact thing I am trying to achieve is pulling data from a Custom Attribute called "jamf" with my users' department name, as the actual Department attribute in Google Workspace isn't providing the correct info from our HR system. But when I enter "jamf" as the attribute in the Department field in Jamf Pro, it returns "no value" after a test search. I've also tried "user.jamf", "jamfJamf" and what feels like dozens of other variants to no avail.

Any thoughts?

0 Kudos
Reply
5 REPLIES 5

deborah621
New Contributor

Posted on ‎03-20-2024 04:06 AM

In Jamf Pro, navigate to Settings > System > Cloud Identity Providers and ensure that your mappings are correctly configured. You might need to map the custom attribute from Google Workspace to the corresponding field in Jamf Pro. 

0 Kudos
Reply

ReidCoCam
New Contributor
In response to deborah621

Posted on ‎03-20-2024 07:33 AM

Right, that's what I'm doing. I have my custom attribute in Google Workspace and am entering that in the "Department" field in Jamf Pro, but it's returning "no value". I'm either entering the attribute value different than what Jamf Pro is expecting, or Jamf Pro doesn't have the function to pull custom attributes. But I can't find any answers as to which is which.

0 Kudos
Reply

sudoErase
Contributor
In response to ReidCoCam

Posted on ‎06-20-2024 10:45 AM

did you get the solution for this?

For the Department field in Jamf Pro, according to Google LDAP schema, it should be: "departmentNumber"

  • departmentNumber: The name of the user’s department. This is not necessarily a number.


https://apps.google.com/supportwidget/articlehome?hl=en&article_url=https%3A%2F%2Fsupport.google.com...

0 Kudos
Reply

sudoErase
Contributor
In response to ReidCoCam

Posted on ‎06-20-2024 11:28 AM

I re-read what you wrote. Regarding the Custom Attribute, make sure you have provided the permission in Google workspace.

 

Go to Google Workspace -> LDAP -> Jamf (whatever the name you set to) -> Click Access Permissions -> Check to see which attributes it belongs to and enable.

sudoErase_0-1718908036004.png

With that said, not sure why it needs a custom attribute instead of using Google's department field with "departmentNumber"

 




0 Kudos
Reply

sudoErase
Contributor
In response to sudoErase

Posted on ‎06-21-2024 08:52 AM

Lastly super important: 
Make sure the all the names of the Department are created in Jamf's Departments setting. 

 

It will show "No value" if name of the Departments are not created ahead of time.

0 Kudos
Reply