Skip to main content
Question

Mac Computers are reporting but not checking in.

A
  • Anonymous

Hello,

We are facing problem in our environment as some of the Macs are reporting sending inventory to JSS Server after we run QuickAdd Package but not Checking in (Calling).
I tried running recon from the terminal but it says Certificate is not trusted.
We have a valid trusted certificate installed. This problem we are facing with some of the Mac Computers.
Do anyone facing same problem?

Regards,
Vinay

    4 replies

    J
    Forum|alt.badge.img+24
    • jarednichols
    • Valued Contributor
    • 1892 replies
    • December 5, 2011

    Is the certificate signed by an internal Certificate Authority? If so, you'll need to install the CA on all client machines and mark it explicitly as trusted for all functions.

    j
    ---
    Jared F. Nichols
    Desktop Engineer, Client Services
    Information Services Department
    MIT Lincoln Laboratory
    244 Wood Street
    Lexington, Massachusetts 02420
    781.981.5436

    A
    • Anonymous
    • 0 replies
    • December 6, 2011

    Hi Jared,

    Thanks for the reply.
    We have a trusted certificate which is working fine for all most all the clients we are having this Calling in (Checking in) issue is with some of the Mac Machines. I tried installing QuickAdd Package by taking remote after installation some of the Macs again started calling/reporting properly. But same QuickAdd package I am installing in some Macs I can see that Macs gives reporting date properly but not calling in. I tried running recon from the same Mac which is not calling in from the terminal it give error as follows...

    Retrieving Inventory Preferences from https://jssserver:8443//...
    The jamf binary could not connect to the JSS because the certificate is not trusted.
    Locating Hard Drive Information...
    Locating Hardware Information (Mac OS X 10.5.8)...
    Locating Applications...
    Locating Receipts...
    Finding Extension Attributes...
    Submitting data to https://jssserver:8443
    The jamf binary could not connect to the JSS because the certificate is not trusted.

    Regards,
    Vinay

    J
    Forum|alt.badge.img+24
    • jarednichols
    • Valued Contributor
    • 1892 replies
    • December 6, 2011

    Vinay-

    Is your output sanitized or is your server really called 'jssserver' ? If it's actually called 'jssserver' (which is fine) here's what I'm thinking:

    Is your certificate only issued for the FQDN of the server? If so, your configuration (server's shortname) does not match the name issued for the server. There's two ways around this:

    1. Configure your clients to use the FQDN of the server - using FQDNs for everything everywhere is more secure than using shortnames and relying upon your DNS to provide the full name
    2. Re-issue your server's certificate with Subject Alternative Names with a DNS entry for both the FQDN and the shortname of the server.

    Make sense?

    j
    ---
    Jared F. Nichols
    Desktop Engineer, Client Services
    Information Services Department
    MIT Lincoln Laboratory
    244 Wood Street
    Lexington, Massachusetts 02420
    781.981.5436

    D
    Forum|alt.badge.img+8
    • dhowell
    • Contributor
    • 61 replies
    • December 6, 2011

    I have a self signed one I have to have this in run like this sudo jamf createConf -server myserver.austinisd.org -k
    the -k trust the certificate no matter what, you also don't need the port/ You may want to open the package and check the postflight script to reflect this?
    D. Trey Howell ACMT, ACHDS, CCA
    trey.howell at austinisd.org
    Desktop Engineering
    twitter @aisdmacgeek

    Reply


    Most helpful members this week

    Terms & ConditionsCookie settingsAccessibility statement

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

     
    Cookie settings