I currently have a JSS built on my internal network. I'm in the process of getting one built for my DMZ. I only want the DMZ JSS to "check in" with machines when they are out in the wild. Do i need to install MySQL and everything as I did when i setup the internal JSS?
Answer
Installing JSS in DMZ
+24Best answer by MAD0oM
@ddcdennisb All you need to do is Tomcat, MYSQL and the JSS. Follow the instructions like you would installing your master. When you get to the JSS installation it will prompt to enter your MYSQL info. In that case you would enter your MASTER info. Make sure ALL the ports are opened to access all information and get no errors.
Nope. You only run the tomcat server on the external JSS server, and you point it to the mysql database that is in use by your internal JSS server. Then in the web apps you turn on clustering.
Just keep in mind you can only have one URL for machines to check into. So your internal DNS url for your machines needs to match the external one.
+14What @chriscollins][/url posted is correct.
If you haven't seen it yet, we have a kbase article outlining the process here.
+7In my case i just made the JSS URL the external but once the folks are internal .....instead of going out then back in to check into the JSS, i put a DNS record entry so the internal clients would point to my MASTER instead of the DMZ.
+24sorry to sound like a nub.... so all i need to install on the external server is TomCat and the JSS?
Then within the External JSS web interface i point the DB to my internal existing DB?
@chriscollins
@johnkitzmiller
+7@ddcdennisb All you need to do is Tomcat, MYSQL and the JSS. Follow the instructions like you would installing your master. When you get to the JSS installation it will prompt to enter your MYSQL info. In that case you would enter your MASTER info. Make sure ALL the ports are opened to access all information and get no errors.
+21Be aware of your policy scoping, though. Your machines will be able to check in from outside but unless you make a distribution point accessible from outside those policies that require a package will fail.
+7@ddcdennisb One more thing. Make sure to turn off the Web Access for your DMZ as a extra security Feature unless ofcourse you want to access your JSS from the outside. but port 3306 is the SQL port you need opened in and out.
+24the DMZ jss will be a point for using lock/wipe commands when people are outside our network.
Thanks all for the info.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.