Question

Classic API problem uploading computer groups

4 years ago
September 2, 2020
7 replies
0 views

+17

grahamrpugh
Valued Contributor
187 replies

There is a product issue (PI-008770) affecting JSSImporter and any other API requests which upload computer groups on some Jamf Cloud instances. If you try to upload to an existing computer group via the Classic API (e.g. curl -X PUT), you may see a 502 error. The group may still appear in your instance after several minutes, but the error response breaks any automation workflows.

If you are encountering this issue, for example when using JSSImporter or any automation, PLEASE open a ticket with Jamf and quote the PI. Let’s get this solved!

This is the response when the error occurs:

curl -H "Content-type: application/xml" -H "Accept: application/xml" -k -v -u username" https://jss.company.com:8443/JSSResource/computergroups/id/377 -T "/Users/user/Desktop/SmartGroupTemplate.xml" -X PUT
Enter host password for user 'username':
*  Trying 34.237.9.137...
* TCP_NODELAY set
* Connected to jss.company.com (34.237.9.137) port 8443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*  CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS handshake, Server key exchange (12):
* TLSv1.2 (IN), TLS handshake, Server finished (14):
* TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
* TLSv1.2 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS handshake, Finished (20):
* TLSv1.2 (IN), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (IN), TLS handshake, Finished (20):
* SSL connection using TLSv1.2 / ECDHE-RSA-AES128-GCM-SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: CN=jss.company.com
*  start date: Aug  8 00:00:00 2020 GMT
*  expire date: Sep  7 12:00:00 2021 GMT
*  issuer: C=US; O=Amazon; OU=Server CA 1B; CN=Amazon
*  SSL certificate verify ok.
* Using HTTP2, server supports multi-use
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* Server auth using Basic with user 'username'
* Using Stream ID: 1 (easy handle 0x7ff25700c400)
> PUT /JSSResource/computergroups/id/377 HTTP/2
> Host: jss.company.com:8443
> Authorization: Basic CODE
> User-Agent: curl/7.64.1
> Content-type: application/xml
> Accept: application/xml
> Content-Length: 641
>
* Connection state changed (MAX_CONCURRENT_STREAMS == 128)!
* We are completely uploaded and fine
* http2 error: Invalid HTTP header field was received: frame type: 1, stream: 1, name: [upgrade], value: [h2,h2c]
* HTTP/2 stream 0 was not closed cleanly: PROTOCOL_ERROR (err 1)
* stopped the pause stream!
* Connection #0 to host jss.company.com left intact
curl: (92) HTTP/2 stream 0 was not closed cleanly: PROTOCOL_ERROR (err 1)
* Closing connection 0

If you enforce HTTP/1.1, we get:

< HTTP/1.1 502 Bad Gateway

Setting a longer timeout with curl has no effect.

+31

tlarkin
Honored Contributor
2721 replies
4 years ago
September 2, 2020

We see this problem all the time since upgrading to 10.23. I just want to put this out there, that the API can never fail in any version of jamf. Integration and automation rely on the API always working. Please make this a critical blocker feature of jamf and if the API breaks it blocks the current build until fixed.

zachary_fisher
Contributor
32 replies
4 years ago
September 3, 2020

Same here and am on RC of Jamf Cloud.

+19

ThijsX
Employee
369 replies
4 years ago
September 3, 2020

Same here on EU-Central-1.

+17

grahamrpugh
Author
Valued Contributor
187 replies
4 years ago
September 3, 2020

You may see this in the error if you are experiencing the problem:

Response Code: 502  Response: Please excuse the inconvenience. It appears your request has timed out. Please try again shortly.. Please contact us if you need immediate assistance or would like more information.

+17

grahamrpugh
Author
Valued Contributor
187 replies
4 years ago
September 3, 2020

I also have confirmed reports that this does not just affect cloud instances, but some on-premises instances too.

syncron
New Contributor
7 replies
4 years ago
September 7, 2020

Also running into this with several different customers.

el2493
Contributor
162 replies
4 years ago
April 29, 2021

I seem to get this when just creating a Smart User Group in the Jamf Cloud website (not using API). I can only see part of the error message becase it's partially blocked by the left pane of the website, but it seems to be the same as what @grahamrpugh quoted. What I can read:

...rily Unavailable ...pears your request has timed out. Please try again shortly. ...re assistance or would like more information.

Reply

Cookie policy

We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

Cookie settings

We use 3 different kinds of cookies. You can choose which cookies you want to accept. We need basic cookies to make this site work, therefore these are the minimum you can select. Learn more about our cookies.

Basic
Functional

Normal
Functional + analytics

Complete
Functional + analytics + social media + embedded videos + marketing

Reply

Related topics

CS4 errors outicon

Adobe CS4 reduxicon

CS4 deployment when it comes on 2 DVDsicon

Photoshop CS4 Installer failsicon

CS5 Deploymentsicon

Most helpful members this week

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded

Cookie policy

Cookie settings