Service user policies for self service.

mmcrae
New Contributor

Hi,

I need to set up self service at 3 different sites, with a total of 200+ users.

However, I need to restrict the applications each users can see and install in self-service.

Some of the applications we are using are on a per user based licence and we don't want everyone to be able to just download these as they feel like it.

Can this be done with the current groups that are set up in AD (as the casper suite is integrated).
or do i need to set up a separate group structure just for self-service.

And counting in this being quite achievable, can I please be provided with a basic how-to just to get me started as I have only started working with Casper for a couple of weeks now.

This would be a massive help..

Thank you!

1 ACCEPTED SOLUTION

russell_kennyOL
New Contributor III

Hi mmcrae,
you can limit who can see what policies in self service by the scope section. (which also is the same for all policies)

Depending on how strict your licensing is, you can limit it by "Assign this policy to computers" which includes computer groups, individual computers, departments (network segments) or buildings. which are all the groups in the JSS.

if you scroll down a little you will see "Limit this policy to the following users" there you will be able to add AD groups (based on an LDAP search)

as long as you have your LDAP server added and the specific group your are searching is included in your search base added for that server (you can also add multiple LDAP connections with different search bases if your AD is linked globally like mine, it speeds up searching rather that going though the whole region)

let me know if you need any other assistance!

-Rusty

View solution in original post

3 REPLIES 3

russell_kennyOL
New Contributor III

Hi mmcrae,
you can limit who can see what policies in self service by the scope section. (which also is the same for all policies)

Depending on how strict your licensing is, you can limit it by "Assign this policy to computers" which includes computer groups, individual computers, departments (network segments) or buildings. which are all the groups in the JSS.

if you scroll down a little you will see "Limit this policy to the following users" there you will be able to add AD groups (based on an LDAP search)

as long as you have your LDAP server added and the specific group your are searching is included in your search base added for that server (you can also add multiple LDAP connections with different search bases if your AD is linked globally like mine, it speeds up searching rather that going though the whole region)

let me know if you need any other assistance!

-Rusty

mmcrae
New Contributor

helped heaps mate.. thanks a lot.

russell_kennyOL
New Contributor III

No worries,
any other questions feel free to create a new post!

Cheers mate.