In the past I've scoped polices to people in a department by adding all office computers, then setting a limitation to the relevant LDAP group, allowing them to run even if the computer wasn't assigned to the department correctly. I'm now at 9.62 and scope limitations offers only the options of Network Segments or iBeacons. Existing policies with limitations by LDAP group seems to still be working, but I can't limit new policies that way. Before I turn this in to a support call has anyone run into this before or have any suggestions on settings to check?
Solved! Go to Solution.
Thats more UX than anything. I'd expect it not to function without self service enabled. Work flow wise, its a bit confusing, as I tend to work left to right in casper, and often have to jump and go back to make it work.
Just FYI, its not only Self Service that gives you the LDAP Limitations options. You can also set the trigger to Login or Logout, and the options will show up. Basically, only user based triggers, like login and logout, allow you to set LDAP user and LDAP group limitations or exclusions. If its only a computer level trigger, like Recurring Check-in, it won't show up.
The good news is that you can still enable the Recurring check-in trigger as well as the login/logout trigger and the LDAP options still show up.