Help

Deploying LDAP Server Info to 10.11 Clients

tomgideon2003
Contributor

Posted on ‎03-28-2016 06:18 AM

Hello,

I have been doing well in the past (before 10.11) with deploying our LDAP server information to clients but now it no longer works correctly. I used to build a dmg with Composer which had the ~/Library/Preferences/com.apple.AddressBook.plist in it and filled all existing and future home directories. This always worked great.

Now with 10.11, it partially works still but my scope "One-Level" doesn't copy over correctly because it says "Unknown" and it greyed out. So, I tried a clean 10.11.4 computer and used Composer to record any file changes as I added the LDAP server to it. I did that, and I cannot find where 10.11 even puts the LDAP sever info. I checked the ~/Library/Preferences/com.apple.AddressBook.plist file and no server information is being stored there anymore. It must be in some other file that Composer couldn't catch.

Does anyone else have ideas on this issue? Or what file now stores that information?

Thanks!

0 Kudos
4 REPLIES 4

golbiga
Contributor III
Contributor III

Posted on ‎03-28-2016 10:53 AM

Why not just use a Configuration Profile? You can assign a user level profile that will populate Contacts for you.

Allen

0 Kudos

tomgideon2003
Contributor

Posted on ‎03-28-2016 11:11 AM

Hi Allen,

The issue here is that we don't have any users part of our JSS. We only do computers and mobile devices. So any user-level configuration profiles won't install. It seems like that would solve this if we were setup that way. Thanks for your suggestion and we might have to look at doing this!

-Thomas

0 Kudos

golbiga
Contributor III
Contributor III

Posted on ‎03-28-2016 11:16 AM

Thomas,

You could create the profile and then use outset to install at login-once instead of using the JSS.

Allen

0 Kudos

tomgideon2003
Contributor

Posted on ‎03-28-2016 12:03 PM

Allen,

That is a good idea. I was working on the profile but realized that open authentication isn't possible for the LDAP settings. We don't use a username or password to access our LDAP and so many people currently use it on their personal phones and devices that this would be difficult to change. I wish there was a way to get around that part.

-Thomas

0 Kudos