Help

AD Binding Config Profile with DEPNotify

ChrisTech
Contributor

Posted on ‎07-19-2022 09:02 AM

I would like to start binding machines using a config profile. Are any of you using it with DEPNotify? Currently I have AD binding done with a script that DEPNotify runs after setting the machine's name. How do you 'trigger' the config profile with a script? Looking for ideas.

0 Kudos
3 REPLIES 3

mm2270
Legendary Contributor III

Posted on ‎07-19-2022 10:36 AM

If you want to use a profile for binding and it needs to happen after a particular step in your enrollment, I recommend writing out a file or plist with some information to the Mac immediately after it gets named and then have an Extension Attribute that looks for that info on the Mac and drop it into a Smart Computer Group. That group can be the scope of the profile, so as soon as it lands into the group, Jamf Pro should deploy the profile for binding to it.

You'll need to ensure that in your script after the Mac is named that an inventory collection is taken so it will land into the group.

If you need more specifics than the above, just post back and I can elaborate a bit on how to set this up.

0 Kudos

cbrewer
Valued Contributor II

Posted on ‎07-19-2022 11:39 AM

Why switch from a script to a profile? A script using dsconfigad seems like it would be more flexible.

0 Kudos

mm2270
Legendary Contributor III

Posted on ‎07-19-2022 12:47 PM

Also just to point out, Jamf Pro still supports directory bindings that can be called in a policy using a custom trigger. Under the hood I believe those LDAP bind configurations use dsconfigad, but it removes the need for any scripting knowledge to use it. It's actually what I use. Until we do away with any binding for our Macs, which I hope is later this year.

I admit I'm not too sure what actual advantage there would be in using a configuration profile for this.

0 Kudos