Help for a noob!

g1za
New Contributor III

Can someone tell me the process to rebinding a client to JSS please.
Being new to the management of a mac network with JSS i could really do with your help!

2 ACCEPTED SOLUTIONS

franton
Valued Contributor III

Ok that's not anything to do with a "bind" to the JSS, that's your Active Directory. That error states that the computer is already bound to AD and you're trying to bind it again.

You should now check the following:

1) Is the computer present in your Active Directory? You'll need to check from a PC and the Active Directory Users & Computers application.
2) Does the computer think it's bound? Easiest way is in Users & Groups in System Preferences. Click on Login Options and see if "Network Account Server" is set to anything.

Any mismatch between these two places is bad. You should be in both or neither.

View solution in original post

g1za
New Contributor III

Hi Franton,

Thanks for the replies.

The computer is deleted in A.D and doesn't show there.
Yes the client thinks it's attached to our domain.

I think with your help i have sorted it by removing it from the domain and rejoining it.

Thanks for your help!

View solution in original post

10 REPLIES 10

franton
Valued Contributor III

Open up a terminal window. Type the following (assuming your logged in user account has admin rights)

sudo jamf enroll

Enter your password. Done!

franton
Valued Contributor III

Failing that, there's the Recon utility as supplied by JAMF.

g1za
New Contributor III

thanks it did the process, but not bound it

RobertHammen
Valued Contributor II

sudo jamf checkJSSConnection should tell you if the client is pointed to the JSS.

After you do the sudo jamf recon, do the "Last Time" and "Last Report" dates change? Do any pending policies run?

sudo jamf policy -trigger {every5/every15,login,logout,startup,custom} should run any pending policies.

Otherwise, try running the Recon app - or, if you've enabled browser-based enrollment in your JSS, on the client you can point a web browser to https://your.jss.name:8443/enroll and re-enroll the client that way...

g1za
New Contributor III

Thanks for the replies and i've done all of those and none seem to bind to JSS.
Checking JSS Connection results in the JSS is available
Enrolling results in

mediastaff-01:~ appleadmin$ sudo jamf enroll
Downloading the JSS CA Certificate...
There were (1) previous JAMF device identities found on this computer. Removing...
This computer was successfully enrolled to the JSS with the following device certificate: "AE0F075C-E430-57F0-9734-ADEE4BE53EC9"
Retrieving inventory preferences from https://sc-srv-sc01-mac.sc.internal:8443/...
Finding extension attributes...
Locating hard drive information...
Locating hardware information (Mac OS X 10.8.1)...
Executing Unix applications...
Locating accounts...
Locating applications...
Locating package receipts...
Gathering application usage information...
Locating printers...
Submitting data to https://sc-srv-sc01-mac.sc.internal:8443/...
<computer_id>118</computer_id>
The management framework will be enforced as soon as all policies are done executing.

g1za
New Contributor III

Thanks for the replies and i've done all of those and none seem to bind to JSS.

I've deleted the client in A.D

Checking JSS Connection results in the JSS is available

Enrolling results in

mediastaff-01:~ appleadmin$ sudo jamf enroll
Downloading the JSS CA Certificate...
There were (1) previous JAMF device identities found on this computer. Removing...
This computer was successfully enrolled to the JSS with the following device certificate: "AE0F075C-E430-57F0-9734-ADEE4BE53EC9"
Retrieving inventory preferences from https://sc-srv-sc01-mac.sc.internal:8443/...
Finding extension attributes...
Locating hard drive information...
Locating hardware information (Mac OS X 10.8.1)...
Executing Unix applications...
Locating accounts...
Locating applications...
Locating package receipts...
Gathering application usage information...
Locating printers...
Submitting data to https://sc-srv-sc01-mac.sc.internal:8443/...
<computer_id>118</computer_id>
The management framework will be enforced as soon as all policies are done executing.

Tried to bind through Casper Remote and also in JSS

g1za
New Contributor III

Log for the error to bind from Casper Remote the last line says:

An error occurred binding to Active Directory: dsconfigad: This computer is already 'bound' to Active Directory. You must 'unbind' with '-remove' first. (Attempt 1)

As i'm a total newbie what would the command be in in terminal?

sudo jamf unbind????

franton
Valued Contributor III

Ok that's not anything to do with a "bind" to the JSS, that's your Active Directory. That error states that the computer is already bound to AD and you're trying to bind it again.

You should now check the following:

1) Is the computer present in your Active Directory? You'll need to check from a PC and the Active Directory Users & Computers application.
2) Does the computer think it's bound? Easiest way is in Users & Groups in System Preferences. Click on Login Options and see if "Network Account Server" is set to anything.

Any mismatch between these two places is bad. You should be in both or neither.

g1za
New Contributor III

Hi Franton,

Thanks for the replies.

The computer is deleted in A.D and doesn't show there.
Yes the client thinks it's attached to our domain.

I think with your help i have sorted it by removing it from the domain and rejoining it.

Thanks for your help!

Hayden_Webb
New Contributor III

sudo jamf enroll -prompt