Can you post (a sanitized) /var/log/jamf.log so we can have an idea what's happening?
Can you post a (sanitized) /var/log/jamf.log so we can see what's happening?
Are your network users admins on the local machine, or standard accounts?
I switch to SMB, and Self Service started working. I was happy for a moment there until I opened Casper Admin on my machine, now its my Casper Admin that couldn't mount the share.
Question: Do I need my machine running casper admin to join the domain to mount the share?
I revert back to afp, Casper Admin open, Self Service on the client breaks again.
@ryanstayloradobe Our Teachers are Admins and Student are Standard account. It was working before, when we used to have 9.81
We have the share set up as smb as well, for me to be able to start Casper Admin and have the share mounted, I need to first mount the share (using CMD + K for example) and then start Casper Admin. It will however unmount it properly after exiting Casper Admin. Not sure why.
There was also something similar a while back where the JSS was trying to mount the SMB share using the TGT from the logged in user as opposed to the JSS SMB account(s).
I think that's why you can mount it manually @jonlju using Command-K.
When we use CasperAdmin now, we use a local admin account, and I don't see that issue or course.
You can try for fun to kill your TGT for the logged in network account first, then launch CasperAdmin. Does that work?
What I am noticing in the logs is Self Service is logging in as the logged in user. Correct me if I'm wrong but doesnt it should use the credentials we put in the JSS?
This is the logs from the DP.
AFP Log below shows successful Self Service (When logged in as a Local Admin user)
This one below is Failed Self Service (When logged in as a Domain User)
The issue has been resolved after I unbind the server from the domain.
I do not know if the information sent to me by our TAM can fix our issue but I will share it anyways.
Please note I haven't tested this yet so I cannot confirm if this works.
She asked if we are using lower case in our AD. Yes we do use lower case.
So she advised to use "UPPER CASE" when logging in to Self Service as per Product Issue (PI-002648)
"Unfortunately, we don't have much additional information besides right now for other accounts also experiencing it. It is still in a testing phase to try and narrow down the exact cause or reason for the case sensitivity. Through testing, it has been confirmed on multiple occasions that by using capital letters, it allows policies to run successful.
I have linked our case to the open Product Issue (PI-002648), so the developers are aware. If you could also submit an updated JSS Summary, to attach to your account, which will list specifics about your environment. This should help narrow down if it is an environment issue."
