Posted on 08-12-2011 01:23 PM
If you have to re-ip your JSS, how do you make that change and get it out to all your clients?
--
Walter Rowe, System Hosting
Enterprise Systems / OISM
walter.rowe at nist.gov
301-975-2885
Posted on 08-12-2011 01:28 PM
Ideally use DNS in the 1st instance.
But do you have ARD? Create a new quickadd & install using ARD.
Regards,
Ben.
Posted on 08-12-2011 01:31 PM
Edit the /etc/jamf.conf file, though I strongly suggest you use DNS for the JSS so you can change the IP whenever you want.
Posted on 08-12-2011 01:39 PM
Actually, change from IP to DNS (using old IP). I think installing the quickadd will change clients to use DNS.
Then once all have been updated, change IP.
Regards,
Ben.
Posted on 08-12-2011 01:39 PM
Definitely use DNS!
This may sound a little incestuous but I use Managed Preferences in the JSS to define my JSS server address. If you can get a DNS name configured now then enter that. Your machines will pick up the name and you can change your IP address any time you're confident that they're all updated.
--
William Smith
Technical Analyst
Merrill Communications LLC
(651) 632-1492
Posted on 08-12-2011 02:00 PM
In the JSS Server Settings we are using FQDN, not IP address.
--
Walter Rowe, System Hosting
Enterprise Systems / OISM
walter.rowe at nist.gov
301-975-2885
Posted on 08-12-2011 02:06 PM
Then surely IP will not matter.
Regards,
Ben.
Posted on 08-12-2011 02:17 PM
Just a thought, but say I just wanted to change DNS first to ease changing the JSS in the future. Assume the actual host/IP is staying the same for the time being. If I defined an alias (CNAME or another A record) in internal DNS first, then created a quickadd pkg, and finally scoped it to all of the machines, would this take care of it? Where does the initial config during imaging get defined? What's a better DNS strategy - multiple A records or a CNAME?
From my limited DNS experience:
CNAME = jss.mydomain.com --> xserve.mydomain.com --> 172.16.50.10
vs multiple A records
A record = xserve.mydomain.com --> 172.16.50.10
A record = jss.mydomain.com --> 172.16.50.10
172.16.50.10 --> xserve.mydomain.com, jss.mydomain.com
Posted on 08-12-2011 02:37 PM
It's not recommended to have two A records for the same machine. Mac Server will complain loudly at having two A records.
Posted on 08-12-2011 02:46 PM
My philosophy...
On 8/12/11 4:17 PM, "Aaron" <a.robinson.lists at gmail.com> wrote:
You should only have one A record for a host so that you're able
to properly use reverse lookups on your network. Host names resolve to IP
addresses and IP addresses resolve to host names. And we try not to use
host names in DNS that describe the function of the box because that
function could change.
CNAMEs/aliases should point to A records and be used to identify functions
or processes.
For example, we have a server called mac01.example.com. This server is
named according to our standard naming convention for servers.
I have the Quark License Administrator server software running on
mac01.example.com and I have my Casper JSS running there as well.
I point all my QLA clients to qlaprimary.example.com and all my SAV
clients to liveupdate.example.com
CNAME --> Host name --> IP
qlaprimary.example.com --> mac01.example.com --> 10.0.0.1
jss.example.com --> mac01.example.com --> 10.0.0.1
At any time I can move qlaprimary and liveupdate to a different box or two
different boxes without any disruption in service by redirecting the
CNAME. I can also change the IP address if that's really needed:
qlaprimary.example.com --> mac02.example.com --> 10.0.0.2
jss.example.com --> mac03.example.com --> 10.0.0.3
--
William Smith
Technical Analyst
Merrill Communications LLC
(651) 632-1492
Posted on 08-12-2011 02:50 PM
Should read:
On 8/12/11 4:46 PM, "Smith, William" <William.Smith at merrillcorp.com> wrote:
"I point all my QLA clients to qlaprimary.example.com and all my Casper
clients to jss.example.com"
--
William Smith
Technical Analyst
Merrill Communications LLC
(651) 632-1492
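The CNAME-to-A-record layout from the posts above, checked in Python as an added example that is not part of the original thread. The zone data is constructed from the names in the thread, and the helper names (`parse`, `resolve`, `lint`, `repoint`) are hypothetical.

```python
from collections import defaultdict

# Constructed sample data, modelled on the two layouts discussed in the thread.
CNAME_LAYOUT = """
mac01.example.com.       A      10.0.0.1
mac03.example.com.       A      10.0.0.3
qlaprimary.example.com.  CNAME  mac01.example.com.
jss.example.com.         CNAME  mac01.example.com.
"""
MULTI_A_LAYOUT = """
xserve.mydomain.com.  A  172.16.50.10
jss.mydomain.com.     A  172.16.50.10
"""

def parse(text):
    """Return (name, type, value) tuples from 'name TYPE value' lines."""
    return [tuple(line.split()) for line in text.splitlines() if line.strip()]

def resolve(name, records, max_hops=8):
    """Follow CNAMEs to an A record; return (host, ip), or None if dangling or looping."""
    a = {n: v for n, t, v in records if t == "A"}
    cname = {n: v for n, t, v in records if t == "CNAME"}
    for _ in range(max_hops):
        if name in a:
            return name, a[name]
        if name not in cname:
            return None
        name = cname[name]
    return None

def lint(records):
    """Flag an IP carrying several A records, and CNAMEs that reach no A record."""
    findings = []
    by_ip = defaultdict(list)
    for n, t, v in records:
        if t == "A":
            by_ip[v].append(n)
        elif t == "CNAME" and resolve(n, records) is None:
            findings.append(f"{n} is a CNAME that does not reach an A record")
    for ip, names in sorted(by_ip.items()):
        if len(names) > 1:
            findings.append(f"{ip} has {len(names)} A records: {', '.join(sorted(names))}")
    return findings

def repoint(records, alias, new_target):
    """Move a service by editing only its CNAME; clients keep the same name."""
    return [(n, t, new_target if (n == alias and t == "CNAME") else v)
            for n, t, v in records]
```

`repoint` changes only the alias record, so a client configured with jss.example.com resolves to the new host without any client-side change.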
Posted on 08-12-2011 03:15 PM
Thanks William.
So as to not hijack the thread, using a hostname rather than an IP is good (as we all know).
Going back to Walter:
"how do you make that [IP address] change and get it out to all your clients?"
It would seem that since he is using the FQDN for the JSS, then he should be able to change the IP of the JSS using the standard method for his OS, and then change DNS to point jss.example.com to the new IP. Since clients point to jss.example.com, they shouldn't need any changes other than DNS being flushed, correct?
Optionally, using a CNAME or something similar will make it easier to move the service to different hosts even if the old host remained active, since the CNAME would just need to be updated and clients could then be left alone.
Posted on 08-12-2011 06:55 PM
Definitely. So long as the Macs are using a DNS name instead of IP address
On 8/12/11 5:15 PM, "Aaron" <a.robinson.lists at gmail.com> wrote:
then just change the IP and update DNS's A record.
Maybe Walter was making sure that changing the IP address of the JSS
wouldn't affect any of its services. I don't see why it should.
--
William Smith
Technical Analyst
Merrill Communications LLC
(651) 632-1492
Posted on 08-13-2011 07:05 AM
Also, when changing the IP or FQDN of OS X Server, you need to do it via the changeip command; see here:
http://developer.apple.com/library/mac/#documentation/Darwin/Reference/ManPages/man8/changeip.8.html
Posted on 08-15-2011 05:27 AM
My input seeing how everyone's already said use DNS... always, always, always use FQDN hostnames on any client when you define a server, especially if you're using an SSL certificate on the server. This will prevent man-in-the-middle attacks or even innocent hiccups. It's a security best practice.
j
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436