Help

Apple School Manager User Import - Matching criteria with @appleid.domain.org AppleIDs

bumbletech
Contributor III

Posted on ‎01-24-2018 06:05 AM

(First off, we're still on 9.101.4)

I'm trying to find the right match criteria for ASM imports.

One of the districts we support has some odd naming conventions where staff AD usernames don't match their email usernames. Their AD accounts follow the scheme {district-abbreviation}{lastname}{firstinitial}{middle-initial?}, (ex. aiAppleseedJM), and the email usernames are a simple {firstInitial}{lastName} (ex. jappleseed). This takes "Managed Apple ID STARTS WITH Username (JSS)" out of the running.

On top of that, we're adding "@appleid" for the Managed AppleID domains just in case anyone already created an AppleID with their school email. This takes "Managed Apple ID {ANY OPERATOR} Email (JSS)" or vice versa out of the running.

Has anyone run into this issue? I could do some manual imports with the API, but I'm concerned that might cause a problem once we have the ability to have criteria like "Email before @" for these imports.

Labels:
0 Kudos
5 REPLIES 5

MattAebly
Contributor II
Contributor II

Posted on ‎01-24-2018 06:20 AM

Hey Josh,

Would any of those values work with the CONTAINS operator? Your Managed Apple IDs might contain the email address or the username of the user in Jamf Pro.

Otherwise, if you have your users already in Jamf Pro and are looking to match just the ASM import, we could make a User Extension Attribute of the Person Number of each user in ASM. This we could use for matching the Source System Identifier. We would make the matching be:

Source System Identifier EQUALS Our Extension Attribute

If the naming conventions don't make it where we can match, using the Source System Identifier is the next best option. But I would test out some of the Contains. You do not need to completely go through with the import. If you don't see the matching screen during the import or if things look off in the review screen, you don't need to complete the import. That review screen at the end of the import is very important to double-check that the import looks correct.

Matt

0 Kudos

bumbletech
Contributor III

Posted on ‎01-24-2018 06:28 AM

I have been testing various operators. Contains doesn't yield the right results in this scenario. While "jappleseed@appleid.district.org" contains both "jappleseed" and "@district.org" it doesn't contain "jappleseed@district.org" as one continuous string. I'm guessing I'll have to fire up a feature request to include "Email before @ (JSS)" as criteria.

0 Kudos

bumbletech
Contributor III

Posted on ‎01-24-2018 06:35 AM

Looks like this feature request pending for 10.2 may solve my problems:

https://www.jamf.com/jamf-nation/feature-requests/6386/match-asm-users-based-on-username-or-email-address

0 Kudos

MattAebly
Contributor II
Contributor II

Posted on ‎01-24-2018 06:45 AM

That's good news.

That's why we pushed especially for those values to be added in the matching criteria are for situations such as this. If that doesn't work, hit us up and we'll find a way to match those existing users to the ASM imported users.

0 Kudos

ayork
New Contributor II

Posted on ‎01-24-2018 06:49 AM

I created a student number field for the user record so the matching criteria matches Student Number (JSS) equals Source System Identifier.

0 Kudos