Skip to main content

Hello all,



I already have a support case open with JAMF but was hoping to spread the net a little wider in case somebody has seen this issue before. For some 10.8.5 machines (and only 10.8.5 machines, as 10.7 and 10.9 never experience this issue), wether it be a self enrollment package or a generic quick add package, it fails during the post flight script part of the install.



When running the installer I get this verbose output:
installer: Installing QuickAdd….....
installer:
installer: Configuring the installation…
installer: Validating package…
installer: Writing files…
installer: Writing package receipt…
installer: Finishing the Installation….....
installer: Running QuickAdd installer script…
#
installer: The install failed (The following installation step failed: run postflight script for QuickAdd. Contact the software manufacturer for assistance.)



When I try to manually enroll it tells me:



Downloading the JSS CA Certificate...
There was an error.
Error enrolling computer: Unable to establish trust with the JSS - Could not connect to the JSS.



Or when I do a recon -verbose, I get this:



sudo jamf recon -verbose
verbose: Timeout: 10
verbose: Checking availability of https://jss.lyv.livenation.com:8443/...
There was an error.
Connection failure: "The host jss.lyv.livenation.com is not accessible.”



Now on that very same computer I can access the web interface for the JSS just fine without issue, also for testing I downloaded the root CA generated by the JSS and manually added it to the machine. I can run the GUI apps like Casper Admin and Recon just fine on the machine and they all log into the JSS as well. When I run Recon I can do everything until I hit enroll and it gets through almost everything until I get the same message as I do from the command line where it says:
*Downloading the JSS CA Certificate...



There was an error.



Error enrolling computer: Unable to establish trust with the JSS - Could not connect to the JSS.*



I don't think this is a messed up certificate or anything because most other machines will work fine without issue and when visiting the admin web interface it accepts the certificate .



Any ideas?

Figured it out. You can ignore this. Thanks :)

Hi Chris, i'm experiencing the same issue. How did you fix it?
thanks!

How did you fix this? I have the same problem

How did you fix this? I have the same problem

How did you fix this? I have the same problem

@esembly @vickycouturier



Sorry folks, didn't see you responses.



Our issue was pretty specific to our location. Because of a VPN issue with the built in Cisco VPN client on OS X we used to have, we had to add custom resolver files at /etc/resolver/ on our macs so that we could reach servers by our internal dns names when VPNd in. Basically, it would tell the Mac that if it tried to reach anything with ourinternaldomain.com it would properly route the DNS request to an internal DNS server to get the right IPs. When the machine was on the corporate network, this would still work ok but for some reason it would screw up at the part in the error listed above. So, not sure exactly why this was happening but since we had already fixed our VPN issue a while back and the resolver files were no longer needed, we just removed them from the machine and it fixed this issue.



So if it is anything that would apply to your environment, I would double check your DNS and the routing to your DNS servers.

We have seen this issue too..



My advice was first to use a web browser - to check that the machine had a valid network connection
-- can you access any websites ?



Answer: YES, but QuickAdd problem still exists..



Question: What is the TIME on the computer ?
Answer: -- Umm - it's a year out !



Try setting ntp:



Done that: (Changed) Now QuickAdd is working..

Terms & ConditionsCookie settings