JAMF Casper LDAP
Using LDAP to sync user/group information into JAMF Casper
(Thanks to John Kitzmiller from the Linde Group)
Foxpass configuration
Log in to your Foxpass account to complete the following steps.
Find your Base DN on your Foxpass Dashboard (https://console.foxpass.com/settings).
Then, create an LDAP Binder account with the name 'Casper' (or something easily identifiable) on the LDAP binders page. Copy the generated password right away; it is only displayed once.
Casper Configuration
Log in to your Casper JSS server to complete the following steps.
Add an LDAP server to the JSS
- Click on the settings icon at the top right.
- Click on "System Settings", and then click on "LDAP Servers".
- Enter connection details.
Settings
Display Name: (This can be whatever you like, such as Foxpass)
Directory Service: Configure Manually
Server and Port: ldap.foxpass.com 636
Use SSL: Yes
Authentication Type: Simple
Distinguished Username: cn=, (example: cn=Casper,dc=foxpass,dc=com)
Password: Enter the password you recorded when you set up the LDAP Binder account
Connection Timeout: 15 Seconds
Search Timeout: 60 Seconds
Referral Response: Use default from LDAP service
Use Wildcards When Searching: Yes
Configure User Mappings
- Click on the “Mappings” tab at the top of the LDAP Server settings window.
- Click on the “User Mappings” sub-tab.
- Enter the User Mappings connection details.
Settings
Object Class Limitation: All ObjectClass Values
Object Class: InetOrgPerson
Search Base: ou=people, (example: ou=people,dc=foxpass,dc=com)
Search Scope: All Subtrees
Username: UID
Real Name: cn
Email Address: mail
Configure User Group Mappings
- Click on the “User Group Mappings” sub-tab.
- Enter the User Group Mappings details.
Settings
Object Class Limitation: All ObjectClass Values
Object Class: posixGroup
Search Base: ou=groups, (example: ou=groups,dc=foxpass,dc=com)
Search Scope: All Subtrees
Group ID: gidNumber
Group Name: cn
Configure User Group Membership Mappings
- Click on the “User Group Membership Mappings” sub-tab.
- Enter the User Group Membership Mappings connection details.
Settings
Membership Location: Group Object
Member User Mapping: memberUid
Use distinguished name of member users when searching: no
Include member user mapping in returning attributes: no
- Click “Save”.
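The three mappings above can be modelled offline, as an added example (not Foxpass or Jamf code): the entries are constructed samples under the page's example base DN, and `search`, `lookup_user` and `groups_for` are hypothetical helpers. It shows why "Use distinguished name of member users when searching" is set to no: `memberUid` on a posixGroup holds bare usernames, so comparing against the user's DN matches no group.

```python
# Constructed sample directory entries shaped like the mappings above (not real Foxpass data).
# BASE_DN is the page's example value; substitute the Base DN from your dashboard.
BASE_DN = "dc=foxpass,dc=com"
ENTRIES = [
    {"dn": f"uid=alice,ou=people,{BASE_DN}", "objectClass": ["inetOrgPerson"],
     "uid": ["alice"], "cn": ["Alice Example"], "mail": ["alice@example.com"]},
    {"dn": f"uid=bob,ou=people,{BASE_DN}", "objectClass": ["inetOrgPerson"],
     "uid": ["bob"], "cn": ["Bob Example"], "mail": ["bob@example.com"]},
    {"dn": f"cn=it-admins,ou=groups,{BASE_DN}", "objectClass": ["posixGroup"],
     "cn": ["it-admins"], "gidNumber": ["2001"], "memberUid": ["alice"]},
    {"dn": f"cn=staff,ou=groups,{BASE_DN}", "objectClass": ["posixGroup"],
     "cn": ["staff"], "gidNumber": ["2002"], "memberUid": ["alice", "bob"]},
]

def search(base, object_class, **equals):
    """Subtree search: entries under `base` with `object_class` and matching attribute values."""
    hits = []
    for e in ENTRIES:
        in_scope = e["dn"].lower().endswith("," + base.lower())
        # Object class names are case-insensitive (InetOrgPerson == inetOrgPerson).
        has_class = object_class.lower() in [c.lower() for c in e["objectClass"]]
        if in_scope and has_class and all(v in e.get(k, []) for k, v in equals.items()):
            hits.append(e)
    return hits

def lookup_user(username):
    """User Mappings: Username -> uid, Real Name -> cn, Email Address -> mail."""
    hits = search(f"ou=people,{BASE_DN}", "InetOrgPerson", uid=username)
    if len(hits) != 1:
        return None  # unknown or ambiguous username
    e = hits[0]
    return {"dn": e["dn"], "username": e["uid"][0],
            "real_name": e["cn"][0], "email": e["mail"][0]}

def groups_for(username, use_member_dn=False):
    """Membership Location = Group Object, Member User Mapping = memberUid."""
    user = lookup_user(username)
    if user is None:
        return []
    # memberUid stores usernames; use_member_dn=True models the wrong setting.
    member_value = user["dn"] if use_member_dn else user["username"]
    hits = search(f"ou=groups,{BASE_DN}", "posixGroup", memberUid=member_value)
    return sorted((g["cn"][0], int(g["gidNumber"][0])) for g in hits)
```

If group-scoped policies in the JSS never match any user after setup, an empty result like the `use_member_dn=True` case is the first thing to rule out.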