Help

User Level Configuration Profiles

strider_knh
Contributor II

Posted on ‎06-21-2016 11:59 AM

I have some setting that I want to apply to all our users except for a certain group. This is for any computer that they login to. I am using user level configuration profiles and want to make sure this is correct, a little confusing to me on how to set the scope. (Settings are things like find and other restrictions)

I created the profiles as User Level and set the scope to All Computers. I know that All/Specific Users has been out for a while but I am unsure if that needs to be set here. I also have a static user group that I set as an exemption, the users that I do not want to set these settings for. Is this correct? I am thinking I have something wrong or I am thinking about it incorrectly.

0 Kudos
4 REPLIES 4

obi-k
Valued Contributor II

Posted on ‎06-21-2016 12:28 PM

Are your users bound? https://jamfnation.jamfsoftware.com/discussion.html?id=4855

0 Kudos

obi-k
Valued Contributor II

Posted on ‎06-21-2016 12:29 PM

Are your users bound? my link text

0 Kudos

strider_knh
Contributor II

Posted on ‎06-21-2016 02:32 PM

The computers are bound to AD but the list is a status list of JSS users but those user names match the AD account user names. If that makes sense. Should this be an AD group I use for exemption?

Also, in the scope do I need to do anything with the All/Specific Users area?

0 Kudos

apizz
Valued Contributor

Posted on ‎06-22-2016 05:19 AM

@strider.knh Typically what we'll do is set the scope to "All Computers" and then set the Limitations or Exclusions (whichever makes more sense given our end goal) with the applicable AD security groups for the users we want to distribute the Self Service policy or user-level Config Profile to. All our machines are bound to AD.

Doing it this way ensures that regardless of the computer those individuals may be using that they get the policies or profiles they need.

Haven't had any issues with this method.

0 Kudos