Jamf Nation Community

dkagle · ‎04-09-2014

Has anyone successfully setup Casper 9 and WebHelpDesk Asset Discovery? I am on JSS 9.3 and WHD 12.1.0

I have my ports open on the firewall on my internal network but I keep getting an error message. One is "Time out while attempting to connect to https://myjssserver/JSSResource/computers". This occurs when I don't specify a port. The other is peer not authenticated when i specify port 3306. I have a valid JSS account entered for the credentials. WebHelpDesk support for our company isn't reliable. Thanks in advance to anyone who replies.

thomasC · ‎04-09-2014

Sounds like you are trying to use the old connection. Use the Casper 9 option. You will need an account on your JSS that has read only access to the API. Use that account information in the discovery connection settings in WHD.

nmcspadden · ‎04-09-2014

ThomasC's post is correct - use the "Casper9" option along with an API read-only account and you'll be good to go.

I use WHD, but probably not in the way they expected to integrate with Casper. We only use Casper for MDM/iOS, not for Macs, so there are no computer objects in our JSS. WHD does not handle this situation at all - at this time, pulling mobile devices from Casper is "unsupported" and is currently a feature request.

The good news is that I've written a Python script that uses the JSS API to store the information in a MySQL database, and WHD supports pulling tables directly from a MySQL database as one of its discovery connections. You can see the script here:
https://github.com/nmcspadden/Sal-JSSImport/blob/master/jsspull.py

It can be easily tailored to incorporate any information available from the JSS API, including computers.

dkagle · ‎04-10-2014

Thanks for the feedback. I verified it is the Casper 9 connection. Followed the Solarwinds documentation exactly. Still no luck. Still get a message stating. "Timed out while attempting to connect to 'https://10.1.x.x/JSSResource/computers'

I went into Casper and setup a new user account with read access specifically for WHD and it still didn't work. We have an open ticket with Solarwinds as well. Thanks again.

jparsons · ‎04-29-2014

It worked well with my server (be sure to specify the port number in the JSS Server URL field ... 10.1.xx.xx:8443)

The downside of the WebHelpDesk sync tool is that it only syncs Computers, not mobile devices. You will need to create a couple of VIEWS in your database so WHD can pull the mobile device data also. Here is the MySQL script that we used to do that:

MOBILE DEVICES

A separate discovery tool needs to be created to sync the mobile devices. It involves opening a connection to the JSS MySQL database and creating the necessary queries to pull the needed information (accomplished with VIEWS)

Opening the DB connection: 1. SSH/Terminal into the JSS Server and log in to MySQL: /usr/local/mysql/bin/mysql -u root -p (the password for root is blank, just press enter)

Create a read-only user: grant select on jamfsoftware.* to 'jamfnavigator'@'%' identified by 'password';

Create two views:

VIEW #1 - isolates the latest reports from the devices

create view whd_jss_reports as select substring(max(concat(date_entered_epoch,report_id)),14) as max_report_id, mobile_device_id from reports group by mobile_device_id;

VIEW #2 - gets the various fields from the JSS tables that you will need to sync

create view whd_jss_mobile_devices as select m.asset_tag, m.serial_number, m.display_name, m.wifi_mac_address, d.ip_address, d.os_version, d.model_version_number, b.building_name, l.room, p.department_name, l.username from whd_jss_reports r left join mobile_devices m ON m.mobile_device_id = r.mobile_device_id left join mobile_device_details d ON d.report_id = r.max_report_id left join location_history lh ON lh.mobile_device_id = m.mobile_device_id left join locations l on l.location_id = lh.location_id left join buildings b on b.building_id = l.building_id left join departments p on p.department_id = l.department_id where m.asset_tag > '' and d.model_identifier like 'iPad%' group by m.asset_tag;

Exit the JSS Server and log into WHD to add a new Asset Discovery to WHD

go to SETUP -> ASSETS -> DISCOVERY CONNECTIONS
click add, and enter the particulars for the connection

-- Connection Name: JSS Mobile Devices - Custom MySQL View -- Discovery Tool: Database Table or View -- Database Type: MySQL
-- Host: <your JSS server IP> Port 3306
-- Database Name: jamfsoftware
-- Username: jamfnavigator
-- Password ••••••••
-- Table or View: whd_jss_mobile_devices
-- Sync Column: asset_tag
-- Ignore Blank Discovered Values: Yes
-- Sync with Existing Assets Only: No
-- Client Relationships: Ignore clients
-- When Assets Are Removed: Set Status to Retired

Set the attribute mapping.
click the 'Sync Now' button to test the process.

CasperSally · ‎12-02-2014

@nmcspadden - read only API account in Casper 9 is just an account where JSS objects are all set to Read, or am I missing something obvious?

Trying to figure out why I'm getting the "peer not authenticated" when trying to set up the connection.

pbenham · ‎12-02-2014

See - https://jamfnation.jamfsoftware.com/discussion.html?id=12517

CasperSally · ‎12-02-2014

thanks pbenham, I confirmed if you manually edit the server.xml on versions < 9.61 for the poodle vulnerability, it also breaks WHD integration as expressed in your 9.61 thread - where they fix it for you.

https://jamfnation.jamfsoftware.com/article.html?id=382

Confirmed removing the edit in server.xml fixes it.

Do you guys have tickets in with Solarwinds on this? If so, I'll mention it in a ticket for me.

pbenham · ‎12-02-2014

Our case # was - 714076

CasperSally · ‎12-09-2014

To anyone who has webhelpdesk integration working - are you able to import last checked in or last inventory time into the webhelpdesk database? I can't figure out how to do this. I'm waiting for permissions to put tickets in with solarwinds so figured I'd ask here in the mean time.

Thanks