Hi,
I'm not sure whether this is possible using GPP Item level targeting or if I'm hitting a bug, but I'm having difficulty setting up a preference to add the logon user to a local group when using item level targeting to a security group.
what I'm doing:
- Create AD group and populate user account into it: 'MEL Remote Desktop Users'
- Setting an environment variable for the site name (e.g. %SiteCode% = "MEL") using GPP
- Create a preference to add the current user to the 'Remote Desktop Users' group.
- Attempt to use item level targeting to check whether the user is a member of the security group using the environment variable %SiteCode% variable, e.g. : '%SiteCode% Remote Desktop Users' (note : I can't use the browse button and select the group as the group name and SID changes for each site).
this doesn't seem to work.. although:
- from the traces I can see the environment variable definitely exists when the item is being processed.
- when I remove the security group target the preference applies without problem.
I've noticed when I enter free text 'Domain Users' the ILT will evaluate as true and the user will be populated into the group. Other groups do not seem to work correctly when entered manually?
Can anyone advise if this should work? or if there is another approach which may work better (LDAP query? WMI Filter?)
Thanks!