Jamf Nation Community

I saw different. Many of my 10.6 machines were getting errors when submitting inventory after turning on certificate based communication. I don't remember the exact error but it was something like: 401, could not reach jss.

@cbrewer- are you sure you didn't enable the "This JSS has a valid certificate installed" option that caused that? Because my understanding is the top option to "Enable Certificate-Based Communication" should not affect 10.6 clients communicating with the JSS.
I'm curious to hear if that's different, since I've been considering making the suggestion to enable that for our Lion clients. We still have a bunch of Snow Leopard Macs as well.

I'm positive it was only the "Enable Certificate-Based Communication" option. I did it to test pushing profiles to Lion machines (which worked fine). However, after having it on for a couple weeks we came across quite a few problems with 10.6.8 machines failing to submit inventory. It wasn't every 10.6 machine though. Turning the option off immediately got the troubled 10.6 machines working again.

IIRC, the 8.51 release resolved the 401 error when enabling secure communication.

Ah, Ben is right. Its right in the release notes for 8.51, defect 002556 on pg 17-

"Fixed an issue that caused the jamf binary to return a 401 Failure error when collecting inventory if certificate-based communication is enabled in the JSS."

That's good to know.

I waited for 8.51 to see if the problem would be resolved, but it was not for us. That's when I decided to just turn it off for now. Probably should have looked into it more, but had enough other irons in the fire.

thanks for your responses guys.
I think the first thing i'm gonna do is update to 8.51
Once that's done i'll enable it.
I spoke to the guys at Jamf and they also said that my 10.6 OD environment would be unaffected.