LDAP Filter
Currently trying to create a filter that will look at the users in a DL in an OU, then find those user's computers in KACE and then apply a label to those computers to make software deployment easy. The problem is that I don't see any kbox variables like 'last user that logged in' for machines that would allow me to match up AD users to their KACE machines:
KBOX_COMPUTER_NAME
KBOX_COMPUTER_DESCRIPTION
KBOX_COMPUTER_MAC
KBOX_COMPUTER_IP
KBOX_USERNAME
KBOX_USER_DOMAIN
KBOX_DOMAINUSER
KBOX_CUSTOM_INVENTORY_*
Because our KACE usernames are the same as our AD usernames, perhaps we use KBOX_Username? I'm pretty ignorant when it comes to LDAP filters, so any help would really be appreciated.
KBOX_COMPUTER_NAME
KBOX_COMPUTER_DESCRIPTION
KBOX_COMPUTER_MAC
KBOX_COMPUTER_IP
KBOX_USERNAME
KBOX_USER_DOMAIN
KBOX_DOMAINUSER
KBOX_CUSTOM_INVENTORY_*
Because our KACE usernames are the same as our AD usernames, perhaps we use KBOX_Username? I'm pretty ignorant when it comes to LDAP filters, so any help would really be appreciated.
0 Comments
[ + ] Show comments
Answers (4)
Please log in to answer
Posted by:
nshah
12 years ago
Hi,
Reading over i am confused at what you are trying to do. There are 4 areas of applying labels, Computers, Software, Patches and Users. When you target software installations you are targeting machines. Could you give an example of what you mean?
Reading over i am confused at what you are trying to do. There are 4 areas of applying labels, Computers, Software, Patches and Users. When you target software installations you are targeting machines. Could you give an example of what you mean?
Posted by:
GillySpy
12 years ago
KBOX_USERNAME is what you are looking for. This variable represents the "last user" value. So, to put that machine in a label based on the user's ldap attributes you can use a label like this the example called "MemberOfFinanceGroup" that is in your kbox.
If you have deleted it this was the search filter:
(&(sAMAccountName=KBOX_USERNAME)(memberOf=CN=financial,DC=kace,DC=com))
When the machine checks in the "last user" value will be substituted into the filter above. if the search passes (i.e. returns at least 1 result) then the machine will be put into that label. It's evaluated at every inventory.
You can do label users in the kbox in a similar way
If you have deleted it this was the search filter:
(&(sAMAccountName=KBOX_USERNAME)(memberOf=CN=financial,DC=kace,DC=com))
When the machine checks in the "last user" value will be substituted into the filter above. if the search passes (i.e. returns at least 1 result) then the machine will be put into that label. It's evaluated at every inventory.
You can do label users in the kbox in a similar way
Posted by:
corbins
12 years ago
Let's say I have some software I want to distribute via KACE to all computers in Marketing. We have an AD distribution list that contains all the users that currently work in Marketing. I want to create a computer label (in KACE) that will ONLY label machines that are used by users within the Marketing DL.
The only way this seems feasible to me is if somehow AD 'sAMAccountName' (user attribute) can be matched to KACE 'KBOX_USERNAME', thus connecting KACE computers to AD users.
Let me know if this still seems confusing.
The only way this seems feasible to me is if somehow AD 'sAMAccountName' (user attribute) can be matched to KACE 'KBOX_USERNAME', thus connecting KACE computers to AD users.
Let me know if this still seems confusing.
Posted by:
RichB
12 years ago
It seems with 5.3 server and agent the last user is only kept if a user was logged when the inventory happens, otherwise it is blank. Is that by design? In previous versions the last user was remembered. I prefer the old way. Should a bug report be filed?
Rating comments in this legacy AppDeploy message board thread won't reorder them,so that the conversation will remain readable.