HELP! Install / Uninstall software based on AD group membership (LDAP label)
07/21/2016 1132 views
Hey all, looking to get a little help with the removal of software based on an LDAP label.
There are two parts of this. The first is installing the software automatically based on an LDAP label when a user is added to the specific AD security group. That one works great. Here's the SQL for that.
USER_LABEL_JT ON (USER_LABEL_JT.LABEL_ID = L.ID)
USER U ON (U.ID = USER_LABEL_JT.USER_ID)
MACHINE ON (MACHINE.USER_NAME = U.USER_NAME)
((L.NAME LIKE 'MemberOf - LDAP USER LABEL HERE')
AND (NOT EXISTS( SELECT
MACHINE_SOFTWARE_JT.MACHINE_ID = MACHINE.ID
AND SOFTWARE.ID = MACHINE_SOFTWARE_JT.SOFTWARE_ID
AND SOFTWARE.DISPLAY_NAME = 'SOFTWARE 1')))
The issue that I am trying to solve is essentially reversing the label so that when a user is removed from the AD security group and subsequently no long in the LDAP label that the software automatically gets removed. I would think that this should be as simple as (If software exists and label does not then do something). However despite my best efforts is just is not working as I believe it should.
Any help here would be much appreciated.
Be the first to answer this question