@jmercier Any chance you have an ! in the password for your SMB share? An !, and possibly other 'special' characters, is a problem for some parts of Jamf Pro to handle in a DP password.

Hi @sdagley not at all simple password

tried an AD account, tried server local account, tried admin local JSS account

You should have two sets of credentials. One with read/write permissions and one with read only permissions. It seems your read/write account is working fine since Jamf Admin works and you're probably using that to mount it manually.

You have an issue with your read only account since that's what your Macs will use with Self Service and automated or Jamf Remote policies.

So first make sure you have a read only account configured both in SMB and in Jamf and then manually try mounting the SMB share with the read only account.

Hi all...

here are more info

my distribution point in JSS is configured with :

server : tried with IP and Name
SMB protocol
share name : CasperShare
Port 139
workgroup : empty

RW and R account, tried the same with AD account, tried server local account, tried admin local JSS account

@jmercier @crbeck may be on to something. Jamf Admin will be using your Read/Write account credentials, and any policy being run by the Jamf binary will be using your ReadOnly account. Make sure you have verified the credentials for that account.

@crbeck

your a damn rock star... thanks... that seems to be working...

ill keep you all posted within 1 hour

@jmercier I would strongly recommend you consider enabling http/https content delivery for your distribution point if possible. It should be much more performant than an SMB share as there is no need to mount/unmount the file system when doing http/https downloads. You also get the benefit of resumable downloads.

@jmercier I second @sdagley's previous comment. Setup SMB so you can use it to upload packages and get your updated infrastructure in place, but work on getting HTTPS content delivery setup too. I setup a basic NGINX server on top of samba on a few CentOS Linux boxes, HTTPS downloads on my Macs are far faster and more reliable than SMB.

Keep in mind that if you plan on using SMB distribution points on macOS Catalina clients, you're going to need to whitelist that server, else DP mounting will fail.

Yet another reason to move to https distribution points (especially if your JSS is Internet-facing... a lot of ISP's and public networks block SMB over the Internet by default. https, not so much ;-)

thanks to all... all fixed...

starting next week to setup http DP

@RobertHammen Can you expand on what you meant with regards to whitelisting the server?

@RobertHammen

a lot of ISP's and public networks block SMB over the Internet by default

Because no one should ever open SMB up over the internet!

Was reading about this and in the process of setting up my own on prep Jamf server and have question about the read and read/write accounts for the SMB share. I am assuming these two accounts need to be on my client macs as well? Is this is how they are able to get packages and have them installed. I am a little new to Jamf and just trying to figure out where these accounts need to be and how they rely on each other for permissions to the DP. The documentation said to have the two accounts with the appropriate access to the share and it seems like that's just on the server? Again just trying to understand better.

Thank You

@RobertHammen what do you mean and can you post some links?
"Keep in mind that if you plan on using SMB distribution points on macOS Catalina clients, you're going to need to whitelist that server, else DP mounting will fail."