Mounting a JDS Over WAN With Casper Admin

gskibum
Contributor III

I have a JSS that I can access with Casper Admin on the LAN, with its JDS and AFP share mounting correctly.

I can access the JSS web gui via both the LAN and WAN at https://jss.acme.com:8443/.

The JDS is on the same box as the JSS.

However, on the WAN, Casper Admin fails at mounting the distribution point. Using Go/Connect to server https://jss.acme.com/CasperShareDAV/ I can bring up the log-in dialog box. But I don't have the self-generated password that was created when the JDS was created, so I am not able to proceed past this point. But it does show that the JDS can be hit via the WAN.

I have ports 80, 443 and 8443 open and pointing to the JSS.

I tried removing the AFP file share DP but that didn't help.

Any ideas?

7 REPLIES

gskibum
Contributor III

To clarify, Casper Admin prompts for the JSS credentials and accepts them. It is only afterward that Casper Admin fails to mount the JDS.

psliequ
Contributor III

It sounds like the hostname you assigned to the JDS is internal only to your network. When you look at the JDS under server infrastructure, what hostname is set for it there?

gskibum
Contributor III

Thank you. Let me start by cleaning up my hostname examples in this post.

Let's call the JSS URL https://server.pretendco.com:8443/

I can access this both internally and externally.

The JDS is running on the same box as the JSS so the JDS URL listed in JDS Instances/JDS/General is https://server.pretendco.com

Attempts with Casper Admin to connect from the WAN result in the following dialog:
The Master Distribution Point (server.pretendco.com) could not be mounted. https://server.pretendco.com/CasperShareDAV/
Verify the settings for this distribution point in the JSS are correct.

From the same remote Mac I am able to contact the share via a browser.
https://server.pretendco.com/CasperShare/

But the credentials don't work. I changed the self-generated passwords that were set upon creation of the JDS of both webDavWriteUsername and webDavReadUsername, but I still cannot authenticate.

Before I found your reply I tried setting up an AFP Distribution Point. I was successful, but only by opening up 548. I configured and successfully tested the download of packages via HTTP by using a browser to navigate https://server/pretendco.com/CasperShare/Packages/package.dmg

But if I close port 548 I cannot use Casper Admin on the WAN.

Maybe I’m not fully understanding the purpose of HTTP in file share distribution points. Is it only for the execution of policies, and not for access by Admin?

Thank you.

talkingmoose
Moderator

Casper Admin connects to your Master distribution point. From what I'm reading, it sounds like your Master is an AFP distribution point. Correct? That would explain why opening port 548 allows Casper Admin to connect.

gskibum
Contributor III

Thanks talkingmoose.

I should have made clear how I've been testing this.

When I created this topic I had only a single JDS distribution point and no file share distribution point. To see how a file share distribution point may behave I then uninstalled that JDS.
https://jamfnation.jamfsoftware.com/article.html?id=340

After the uninstall I created the AFP distribution point.

So I've just been going back-and-forth that way. When I add back the JDS I repopulate the packages and turn off the AFP distribution point. Until I get the JDS working via WAN I want only a single distribution point.

gskibum
Contributor III

Is the point of enabling HTTP on file share distribution points to enable deployment of policies via WAN, and is it not used by Casper Admin? Is there any other reason for HTTP?

talkingmoose
Moderator

So, we have two kinds of HTTP-driven distribution points now.

The first is the HTTP/HTTPS you enable in the File Share Distribution Points. This has two primary advantages:

  1. It works over ports 80 and 443, two common ports that aren't blocked as often by firewalls and therefore have a better chance of working to deploy packages where network restrictions are tight.
  2. Resumable downloads. If transfer of a large package is interrupted at 99%, you don't have to download that 99% again to get the last 1%.

The second is JDS, which uses WebDAV for deployment. JAMF has made the installer for both OS X and Linux. It has the same advantages as HTTP/S (not sure about the resumable downloads) plus includes replication to other JDS systems as well as bandwidth throttling built in for transferring packages across narrow WAN links.