Policy exclude site?

New Contributor III

Is there any way to have a site excluded from a policy? I'm surprised that that isn't an option under policies themselves, but even more surprised that it doesn't seem to be a criteria that you can use for a smart group. I'm also not finding it as an extension attribute.

Any ideas?


Legendary Contributor III

Yeah, this is one of the most glaring omissions with Sites. Currently a policy can be assigned to None, which means it applies to all Sites, or just one Site. There is no in between and its kind of crazy. To make it worse, as you discovered, Sites are not an item that shows up within the Scope tab for Exclusions. Though it makes sense really that it doesn't show up under Scope since Sites are really larger than scope, so one would necessarily need to override the other.
I know JAMF is very actively working on ways to make Sites more robust. They have gotten the message that the way Sites are implemented is too limited right now, so they are definitely going to be adding more capabilities in this area in the future.




For that site EA it would be best practice to create a user in the JSS specficialy for API calls that has minimal privileges.