cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Afaria User Group question

Go to solution
Former Member

on ‎03-20-2014 8:25 AM

0 Kudos

Hello,

I have a qustion regarding User Groups in Afaria.

If I have configured the active directory authentication in the Security settings of the Afaria Server.

I also configured 2 AD groups where my user is in 1 of the group and 2 User groups in Afaria, that shows to the AD groups.

SAP told me if I use the "User Name" variable in the enrollment code, I can use the user groups for the devices.

I tested it with the standard Afaria Client from the appstore without success. Only if I enroll via the Self Service Portal the device are bound to the user group I created.

Is it really only possible via the SSP?

Thank you and best regards

Michael

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

Former Member
‎03-20-2014 8:53 AM
0 Kudos

You need to enable authentication on the enrollment server in order for your device to be linked to an AD user. Currently this is set during installation of the enrollment server.

I have also a database trigger that will take the Username and copy it to the SelfServiceUserName and AssignmentsUserName in the database. Then you don't need to change the enrollment process.

BR

Peter

Show replies
Show replies
Former Member
‎03-20-2014 9:05 AM
0 Kudos

Hello,

Thanks for your answere,

Yes I now about the function for the enrollment server or package server. But I dont want that the user have to enter their AD PW, only the username, that should be enough for the User Groups so I deactivate the authentication for enrollment server..

Described by SAP the function should work as followed:

User downloads Afaria-->enter the enrollment code--> enter his AD User name (via the User Name variable)-->gets enrolled and bounded to the right Afaria User group.

How it work actually for us,

The user login to the SSP with his AD credentials-->the enrollment starts--> after the enrollment the user was bound to the right Afaria User Group.

Hope you understand what I want.

BR
Michael

Former Member
‎03-20-2014 9:13 AM
0 Kudos

The SAP description is not correct 😞 You have 3 options for AD groups

  1. Use SSP
  2. Force the user to enter username/password during enrollment
  3. Copy values from "UserName" to "AssignmentsUserName" in A_IPHONE_DEVICE table

BR

Peter

Former Member
‎03-20-2014 1:02 PM
0 Kudos

OK Peter, Thank you very much for that information, helped me a lot!

BR
Michael

Former Member
‎03-20-2014 1:06 PM
0 Kudos

Super.

We have used this:



USE [Afaria70]


GO


/****** Object:  Trigger [dbo].[MA_TR_IPhone_Device]    Script Date: 08/18/2013 22:51:30 ******/


SET ANSI_NULLS ON


GO


SET QUOTED_IDENTIFIER ON


GO


-- =============================================


-- Author:            Peter Mohr


-- Create date: 


-- Description: 


-- =============================================


ALTER TRIGGER [dbo].[MA_TR_IPhone_Device] 


   ON [dbo].[A_IPHONE_DEVICE] 


   AFTER UPDATE, INSERT


AS 


BEGIN


 -- SET NOCOUNT ON added to prevent extra result sets from


 -- interfering with SELECT statements.


 SET NOCOUNT ON;




    Update D


    SET D.AssignmentsUserName = D.SelfServiceUserName


    FROM A_IPHONE_DEVICE D


    INNER JOIN Inserted I ON I.arowid = D.ARowID


    WHERE I.SelfServiceUserName IS NOT NULL




END

BR

Peter

Answers (0)

Ask a Question