Skip to main content
Question

User Level Configuration Profiles

  • June 21, 2016
  • 4 replies
  • 21 views
S
Forum|alt.badge.img+8

I have some setting that I want to apply to all our users except for a certain group. This is for any computer that they login to. I am using user level configuration profiles and want to make sure this is correct, a little confusing to me on how to set the scope. (Settings are things like find and other restrictions)

I created the profiles as User Level and set the scope to All Computers. I know that All/Specific Users has been out for a while but I am unsure if that needs to be set here. I also have a static user group that I set as an exemption, the users that I do not want to set these settings for. Is this correct? I am thinking I have something wrong or I am thinking about it incorrectly.

    4 replies

    mvu
    Forum|alt.badge.img+20
    • mvu
    • Jamf Heroes
    • June 21, 2016

    Are your users bound? https://jamfnation.jamfsoftware.com/discussion.html?id=4855

    mvu
    Forum|alt.badge.img+20
    • mvu
    • Jamf Heroes
    • June 21, 2016

    Are your users bound? my link text

    S
    Forum|alt.badge.img+8
    • strider_knh
    • Author
    • Contributor
    • June 21, 2016

    The computers are bound to AD but the list is a status list of JSS users but those user names match the AD account user names. If that makes sense. Should this be an AD group I use for exemption?

    Also, in the scope do I need to do anything with the All/Specific Users area?

    apizz
    Forum|alt.badge.img+15
    • apizz
    • Honored Contributor
    • June 22, 2016

    @strider.knh Typically what we'll do is set the scope to "All Computers" and then set the Limitations or Exclusions (whichever makes more sense given our end goal) with the applicable AD security groups for the users we want to distribute the Self Service policy or user-level Config Profile to. All our machines are bound to AD.

    Doing it this way ensures that regardless of the computer those individuals may be using that they get the policies or profiles they need.

    Haven't had any issues with this method.

    AP
    Terms & ConditionsCookie settingsAccessibility statement