"Error Calculating Policies in Scope" and "Check that your LDAP server is properly configured and accessible

donmontalvo
Esteemed Contributor II

LDAP is working, and "assigned user" is correct.

Anyone know what might cause this error?
34bc83e76f2d4a9ca1527401ad1b56d9

--
https://donmontalvo.com
14 REPLIES 14

donmontalvo
Esteemed Contributor II

UPDATE: It appears clearing the assigned user value fixes the error. We'll reach out to Jamf and shout back with our findings.

--
https://donmontalvo.com

Yogini90
New Contributor

Guys

Any further update on this. we are aslo seeing similar issues. What is the resolution ? When I clear the user it works fine. But if I assign the user I get the same error.

diradmin
Contributor II

We are observing this sporadically as well under Jamf Pro 10.9.0.

NateES
New Contributor II

I'm getting this issue too - remove the user and both Policies and Configuration Profiles can be re-calculated; assign the user and now both have this error.

casey_riley
New Contributor

Has anyone had a solution to this? I'm experiencing this issue.

robmorton
New Contributor III

I would be curious about this as well. We do have an old LDAP configured that has broken, but our newer one has been in place for more than a year. I am nervous to delete the old one (which is evidently currently not working) as I am not sure what else that will break. I did open a ticket with Jamf to try and find out though.

Portuguez
New Contributor II

was there ever a resolution for this?  I am experiencing this after upgrading to 10.33

rasy07
New Contributor II

Hi @Portuguez, i have the same Problem, did you find Solution for it? 

Portuguez
New Contributor II

What solved it for us was adding the highlighted sections:

Portuguez_0-1637110964542.pngPortuguez_1-1637111047695.pngPortuguez_2-1637111098116.png

Prior to 10.33 is was working with different settings, but post 10.33 we changed the settings after working with JAMF Support.  One issue was that we do not have just one all encompassing user group in our AD.

Portuguez
New Contributor II

Please click on the image in my previous post as their are 3 images.

grahamsdgr
New Contributor

I know this thread is many years on, but hopefully this info will save someone some headache:
We had the same issue, and for us it was a matter of getting the group membership information pulling from the right place and ensuring that our LDAP search base(s) weren't too narrow to find the correct information.
We ended up switching the Membership Location field to pull group membership data from the "memberOf" field of the User Object, rather than the "member" field of the Group Object.

This contributed to solving my issue as well.

rasy07
New Contributor II

@Portuguez  @grahamsdgr  it worked. thank u  guys! 

HamlinK
New Contributor

This thread solved a similar issue for us too!  We had this error under Config Profiles though, not Policies. The one addition I can make:

We are using JumpCloud for LDAP. When switching User Group Membership Mappings from Group Object - member to User Object - memberOf I also had to check the box to use distinguished names of user groups.