Jamf Nation Community

Well then something is broken with the JAMF implementation. With the JAMF implementation, following their documentation, you create a branch and that is the URL you use with your machines.

I followed their instructions, and this is what I have in the admin web page:

external image link

If I use either one of those URLs, I have troubles seeing all of the updates.

For example, I have a 10.6.8 machine that I ran SU on with it pointed at Apple's SUS servers. The machine found two updates: SecUpd2012-001Snow-1.1 and RemoteDesktopClient-3.5.2. If I then point the machine to one of my internal URLs the machine only sees RemoteDesktopClient-3.5.2. If I then point the machine at one the OS specific URL (index-leopard-snowleopard.merged-1.sucatalog) it sees both of the updates again.

So, apparently something is not getting translated properly, or something is wrong in their coding.

Has anyone else seen this behavior?

Steve

if you tell it to use lion-snowleopard-leopard.merged-1 as the branch name you get /content/catalogs/index_lion-snowleopard-leopard.merged-1.sucatalog as an url. you can't through the gui make it/content/catalogs/index-lion-snowleopard-leopard.merged-1.sucatalog like Greg had mentioned.

Branch names are appended to the OS-specific catalogs. If you create a "testing" branch, you get the following catalogs:

content/catalogs/index_testing.sucatalog
content/catalogs/index-1_testing.sucatalog
content/catalogs/others/index-leopard.merged-1_testing.sucatalog
content/catalogs/others/index-leopard-snowleopard.merged-1_testing.sucatalog
content/catalogs/others/index-lion-snowleopard-leopard.merged-1_testing.sucatalog

Looking at the Apache config files in the NetSUS appliance, I see no evidence that they've implemented Apache redirects to enable you to use a "unified" CatalogURL. Perhaps JAMF's management software takes care of that if you are using it.

In any case, you should try pointing your clients to the OS-specific version of your catalog branch to see if that allows your clients to see the new updates.

I've gone ahead and opened a case with support, because I am not getting the results you'd expect from any of these URLs.

I'll update this posting with any findings.

Steve

Yep, Andrew's right, and so was Greg, which was expected since he wrote the software. :-)

I had a call with Eric Krause from JAMF and he basically said exactly what Greg did in that last post. After changing my URL to be:

http://sus.integerdallas.com/content/catalogs/others/index-leopard-snowleopard.merged-1_everyone.sucatalog

I received the expected results.

Eric mentioned that they would update the documentation to show this, and that they would work on possibly doing an Apache rewrite so that we can use one URL per branch instead of having to do specific URLs based on the OS flavor.

Steve

I am not having any luck in getting a test instance of the NetSUS appliance working correctly.

I have the appliance up on another box. I created a "testing" branch following the steps discussed here and enabled all updates after they synced down. The appliance is not hosting the actual updates, just the catalog. I can read the catalog URL in browser from another Mac. Specifically:

http://<server.address>/content/catalogs/others/index-lion-snowleopard-leopard.merged-1_testing.sucatalog

Its a Lion 10.7.4 Mac I'm testing from. I confirmed previously that this Mac needs a few updates.

Yet, when I do: sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://<server.address>/content/catalogs/others/index-lion-snowleopard-leopard.merged-1_testing.sucatalog
and then run Software Update, I get an immediate error that it can't contact the server. Keep in mind, this is the same Mac where I can see the full catalog in the browser, so I can obviously read it.

Prior to this, I had created another more specifically named branch called "lion-snowleopard-leopard.merged-1.testing.sucatalog" but when I did that I noticed the URL in the appliance would read as "index_" not "index-" (note the underscore instead of hyphen) When I had that created, I was finding that Software Update would see the catalog, but would report "No updates found" which I'm 100% positive is not true for this Mac. I then found this thread and Greg's comment that the OS specific branches get created automatically, so I deleted the old one and created the one above. But now when I point to it, Software Update can't see the server at all. *Sigh*. Any ideas what I'm doing wrong here?

Edit: I forgot to mention that this server does not have a FQDN assigned to it, so its just using an IP addy. Not sure if that makes any difference, but it never has made a difference with our OS X Servers running SUS, so I assumed not.

It's not *too* difficult to modify the server to supply MacOS 10.7.x clients with updates without having to use managed preferences. Just need to have access to, and know how to use, the command line.

# Enable the Apache Rewrite Engine

$ sudo a2enmod rewrite

# Edit the file "/etc/apache2/sites-enabled/000-default" (need to be root or use sudo to edit the file, I prefer to use "vi", but "nano" should work as well and is a bit more user friendly).

$ sudo nano /etc/apache2/sites-enabled/000-default

# After the line that reads "DocumentRoot /srv/SUS/html/" add the following three lines (it's been a while since I've modified an apache config file, not sure if this is the best location for these lines, but it works here).

RewriteEngine on RewriteCond %{HTTP_USER_AGENT} Darwin/11 RewriteRule ^/index.sucatalog$ /index-lion-snowleopard-leopard.merged-1.sucatalog

@andrewseago Are you able to point all your mac clients (10.6 ->10.7) to Example : http://reposado.yourcompany.com/content/catalogs/others/index-lion-snowleopard-leopard.merged-1_prod.sucatalog

?

Josh_S's method works. If you want to use .htaccess files inside /srv/SUS/html/ you will also need to add the entry AllowOverride All beneath RewriteEngine on.

With that set, you can add a .htaccess file inside /srv/SUS/html/ with the following, culled from the reposado documentation:

RewriteEngine On
Options FollowSymLinks
RewriteBase /
RewriteCond %{HTTP_USER_AGENT} Darwin/8
RewriteRule ^index(.).sucatalog$ content/catalogs/index$1.sucatalog [L]
RewriteCond %{HTTP_USER_AGENT} Darwin/9
RewriteRule ^index(.).sucatalog$ content/catalogs/others/index-leopard.merged-1$1.sucatalog [L]
RewriteCond %{HTTP_USER_AGENT} Darwin/10
RewriteRule ^index(.).sucatalog$ content/catalogs/others/index-leopard-snowleopard.merged-1$1.sucatalog [L]
RewriteCond %{HTTP_USER_AGENT} Darwin/11
RewriteRule ^index(.).sucatalog$ content/catalogs/others/index-lion-snowleopard-leopard.merged-1$1.sucatalog [L]
RewriteCond %{HTTP_USER_AGENT} Darwin/12
RewriteRule ^index(.*).sucatalog$ content/catalogs/others/index-mountainlion-lion-snowleopard-leopard.merged-1$1.sucatalog [L]

worked for me!

well my updates are downloaded but i cannot see the update files in the main window.