Create Smart Group based on LDAP field

MarkISC
New Contributor

Hi,

Complete JAMF newbie here.

Is there anyway we can create a SMART group based on a users OFFICE location in Active Directory?

Basically we want to be able to create policies that ONLY apply to certain offices

Thanks

2 REPLIES 2

robii
New Contributor III

Create an Extension Attribute that is mapped to the users Location LDAP attribute and the crate a Smart Group with that new Extension Attribute as the criteria.

MarkISC
New Contributor

Thanks,

Ive written a very simple script that gets the OU and used it Extension Attributes under Computer Management

!/bin/sh

CompName=$(dsconfigad -show | awk '/Computer Account/{print $NF}' | sed 's/$$//') OU=$(dscl "/Active Directory/XXXXXXXXX/All Domains" read /Computers/${CompName}$ dsAttrTypeNative:distinguishedName | tail -1 | awk -F"${CompName}," '{print $2}')
echo "<result>$OU</result>"

Ive tested this script on a few Macs and it gives me the result im after. eg the output looks like

<result>OU=Computers,OU=China,DC=XXXXXXXX,DC=XXXXX</result>

BUT, when i create a Smart group that the critian is "OU=Computers,OU=China,DC=XXXXXXXX,DC=XXXXX" NO computers appear int the list. There should be at least three.

Is there something im missing?

Thanks