I'm setting up a Configuration Profile to deliver a directory users Exchange settings, but can't seem to get the proper variable entered for the Email Address. For example, I can enter $USERNAME in the User field and it appears to properly pull this information from Active Directory over LDAP. But no matter what I put in the Email Address field it's populated as static text once the profile is installed.
Has anyone else had success doing this, or am I understanding how this is supposed to work incorrectly?
It sounds like we may be running into D-006184, which was closed as a duplicate of D-007132.
With that defect, we see that the Exchange payload in an iOS or OSX configuration profile fails to prompt users for their username, or fails to apply the information pulled from location information with the $USERNAME variable, and grays the field out so they cannot enter a username.
The end result is it stays in a loop of “Enter your Exchange Account Password” and we’re not able to actually enter a username.
If we manually load the profile by emailing it to the device, or uploading it somewhere onto the network that devices can reach to download and install it, it seems to work as expected, and will prompt the user for their username AND password.
In theory, it should also work to download the profile, package it with Composer, upload it with Admin, and send it out as a policy, but that would only work for OS X Configuration Profiles, as we can’t send policies out to mobile devices.
If you haven’t already, it would be a good idea to get in touch with your Technical Account Manager to get a case opened on this; they will be able to either confirm or rule out the defect, and should be able to provide some workarounds which will hopefully let you get around the behavior, and can attach the case to the defect for tracking purposes.
JAMF Software Support
Since this is the first time I've had to do this, would you be able to clarify if my expectation is correct as to how the Exchange profile is supposed to work?
The end goad is to have the user-based configuration profile installed for the currently logged in directory user on a given machine, then automatically setup their Exchange account using the information retrieved from the Active Directory server over LDAP, without ever prompting the user to enter anything but their password.
Would this be a fair assessment or does it not work this way?