Jamf Nation Community

Do you know which plist lock files may be causing this?

Gabe Shackney
Princeton Public Schools

how are you building your base image? is it all models? I saw this on macbook airs then realized it was connecting to JSS once wireless script ran (I was using test base image built from macbook).

In the past I've built these on our newest portables (late 2012 macbook pro 13") and it has worked fine re-imaging anything with this base.

It seems when I test the image after it being built on another (same model) machine it continues this problem.

Gabe Shackney
Princeton Public Schools

Do you use a self signed or privately signed SSL cert?

We are using self signed. We have the checkbox unchecked that states "This JSS has a valid certificate installed". Is it possible its because I have a script to set the time zone after the fact?

Might be.

I was thinking either the time is out on te client so the SSL communication is failing

OR

The SSL cert is from an untrusted CA.

Not sure if any of that helps resolve.

We just use the built in one from the JSS, never had an issue up till now. Ill check on the time settings. Thanks!

So time settings didn't fix this, if I read my logs on the client after imaging it states firstrun install: Could not connect to the jss, then 20 sec later: The JSS is available.
Im getting really frustrated here. Don't like waiting 5 minutes for no reason.

Hmmm.. Are you using HTTPS distribution at all? (Should've asked @ the beginning).

Also, are you running any other scripts before? Perhaps involving setting up network ports??

This is just a base image. I've taken out all scripts.

We only use AFP. Not http.

I've tried this 6 times today deleting various files with no success.

So wondering if someone else can replicate my issue:
Using a 10.7.5 NetBoot image with Casper imaging 8.64 to load just a 10.7.5 base image and a recovery partition, nothing more (no other pkg or dmg installs).

After reboot check console under either all logs or system logs and search for either JAMF or jss. I'm seeing the firstrun enroll check for the jss connection and then it waits to try again for 5 minutes even though within another few seconds it shows the jss becoming available.

At this point I just want to be sure I'm not crazy.

Thanks again for all help provided!

Gabe Shackney
Princeton Public Schools

So I can also verify if I replace 8.64 with 8.63 of Casper Imaging on my netboot, that this connects immediately and enrolls quite fast. Looks like I'm just going to revert to 8.63 for now and just use 8.64 for ML imaging.

Gabe Shackney
Princeton Public Schools

Hi Game, We just confirmed the same behavior with Casper 8.7, and the com.jamfsoftware.firstrun.enroll LaunchDaemon specifies a start interval of 300 seconds, which explains the delay. We're trying to improve our imaging speed and are looking into the best way to get around the interval without reverse engineering the whole thing.

^ Correct. If the computer can not communicate with the JSS about 25 seconds after boot (how fast that daemon fires off) you will then have to wait 5 minutes.

We ran into this in one situation with a location that had a slow network. We put a package in that would reboot the machine about 10 seconds after the jamf helper came up. After the 2nd reboot it all ready had an established connection and enrolled immediately. Not the greatest of solutions but did the trick and only added about 40 extra seconds.

Has anyone worked out a conclusive fix for this?

@gshackney][/url][/url, this is a little off topic but where did you get Casper Imaging 8.74? We have an active support contract and "My Assets" only lists 8.73 as the latest version of 8.7x.

Looks like I was probably mistyping 8.64 back in the day...I can edit it...lol

Good spot though

Gabe Shackney
Princeton Public Schools