<

Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x

How to use User Attributes within Group Policy Preferences Item Level Filtering

Published on
3,355 Points
255 Views
1 Endorsement
Last Modified:
Shaun Vermaak
My name is Shaun Vermaak and I have always been fascinated with technology and how we use it to enhance our lives and business.
Had a business requirement to store the mobile number in an environmental variable. This is just a quick article on how this was done.

1) Create an environmental variable to store the default value for the user attribute, Mobile (#1) in this case



2) Create an environmental variable to store the value for the user attribute, Mobile (#2) in this case



3) From the Common tab, enable Item-level targeting. Add LDAP query filter and enter the following values


Name Value
Filter
(&(objectCategory=person)(objectClass=user)(sAMAccountName=%LogonUser%))
Binding
LDAP:
Attribute
mobile
Environmental variable name
usermobile




4) Create an environmental variable to store the positive outcome, NeedsToRun (#3) in this case



5) From the Common tab, enable Item-level targeting. Add environment variable filter as below



6) Create an environmental variable to store the negative outcome, NeedsToRun (#4) in this case



7) From the Common tab, enable Item-level targeting. Add environment variable filter as below


The variable NeedsToRun can now be used as a trigger on any Group Policy


Please do not forget to press the "Thumb's Up" button if this article was helpful and valuable for EE members.
It also provides me with positive feedback. Thank you!

1
Comment
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 35

Author Comment

by:Shaun Vermaak
Hiya. Yes I tried it without but could not get a variable to use for getting the value
0

Featured Post

Problems using Powershell and Active Directory?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Join & Write a Comment

This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…
Suggested Courses

Keep in touch with Experts Exchange

Tech news and trends delivered to your inbox every month