Add device rule with specific AD group does not work
You might try creating two different rules, one for the LDAP based enrollment and one for the other set of users. Please let me know if this works for you.
SOTI Technical Support | SOTI Inc. | 1.905.624.9828 | email@example.com
I'm not sure I understand what you want me to do. What do you mean by "one for the other set of users."?
Think I'll add a screenshot for claryfication:
As soon as an LDAP Group is added here, enrollment with the Enrollment URL isn't possible anymore.
In general, most options of an Add-Devices rule cannot be changed once the rule has been used for successful enrollment of one device. This is often the case if some server parameters configured with MCadmin utility program are changed.
So, all the devices that have been enrolled without authentication can be left untouched. Any devices that do not need LDAP authentication can use you existing Add-Devices rule (with no LDAP authentication option checked).
Then, add another Add-Devices rule that use LDAP authentication. Any devices that need LDAP authentication should use the enrollment ID/URL of this new rule for enrollment.
I deleted my existing rule and created new ones with the correct parameters.
I created two different rules, one with the Manual Enrollment Option and the Rule Target set to the specific device group and the User Authentication Option Set to the corresponding LDAP group.
The other rule is configured to Enrollment Option based on LDAP Group Membership. The LDAP Mapping is configured to the LDAP grup. Everyone Else is denied access.
But with both rules i get the same behaviour on the device: "No Registration. Try again or contact system administrator."
Have you ever successfully enrolled any device onto your current server with AD authentication in the past (either the current or other earlier MobiControl server version/build )? If it worked in the past in earlier version/build, your problem may stem from your current server, which I cannot say for sure there is no problem without any thorough tests. Otherwise, you probably have no experience on the task and there is a possibility that you have mis-configured or overlooked something.
What is the brand and version of your LDAP server? Have you checked any other MobiControl function after integrating this LDAP? For example, have you checked you LDAP integration has been enabled in the Global Settings? Have you tried adding an administrator account (for accessing the web-console) using LDAP authentication?