Full Admin rights and I can't log into Self Service or run Terminal commands

SPS_Seth
New Contributor

Sorry if this a redundant question, but I'm having a hard time narrowing down a discussion that helps. Running Jamf 10.9, but problem has spanned multiple versions.

I have full rights as a Jamf admin at our site. I can do everything on the web interface, on the server, Admin, Recon, etc. But, when I try to log into Self Service on ANY computer I get the error "Self Service can't connect to the server". Anyone else can, even standard end users, sign in right after I get the error.

The other issue I have is when logged in with my AD account (admin rights enabled, managed, mobile) on ANY computer, I get an error running any Jamf commands in the Terminal. No error number, just a generic "An error occured". OS version doesn't matter. Also, any computer I'm signed into with my AD account will not do the auto inventory update until I login as the local admin. So my workstation and laptop will not update it's inventory. They do check in fine.

We've deleted my Jamf account and cloned a different admin that has no issues, no change. We've checked LDAP settings to match and our AD credentials are the same. I've been dealing with it by using the local admin account to run commands and pulling packages straight from the server, but it is getting tiresome after a year and a half. I was hoping when we've run upgrades to Jamf, it would fix itself. I should have known better.

4 REPLIES 4

allanp81
Valued Contributor

Not sure about the first issue, but what shell is set for your AD accounts?

larry_barrett
Valued Contributor

Ran into something similar today. Check the Users tab -> Search

See if you have duplicate entries for your name.

caboundeh
New Contributor II

I have had this issue when the time is out of scope. With any OS before Mojave, you can run sudo ntpdate -u what ever your time server is.

cbennett
New Contributor

@SPS_Seth Did you ever find the solution? I am having the same issue, but with the Recon application and it's one user from an ldap group. The rest of the group members can log into Recon and run it, but this one account gets a Connection Failure error every time. I checked for a duplicate account and there isn't one.