- Jamf Nation Community
- Products
- Jamf Pro
- Netsus for Mojave
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Netsus for Mojave
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-25-2018 10:41 AM
Is anyone out there using NETSUS for Mojave? If so, what was your success? Do you have to create a separate branch for Mojave users?
Or, what steps did you take to get there? I'm not currently using Mojave and won't until they iron out the issues, but just wanted to see how things are going for anyone who has done this. According to: https://github.com/wdas/reposado/blob/master/docs/client_configuration.md
, it looks like you just need to change to add index-10.14 into the branch naming. Is that what everyone else has experienced, or do you need to run this on clients as well now that it's out of beta?:
sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate SUDisableEVCheck -bool YES
Reply
11 REPLIES 11
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-25-2018 11:09 AM
When I look in mycorp.org/content/catalogs/others/ on the web, I don't see the index for 10.14. Anyone else see that yet in there? Thanks!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-25-2018 11:09 AM
Also, pointing it to that did not work on the client side either, as expected due to it.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-28-2018 03:12 AM
I edited 2 files to make 10.14 work with NetSUS:
add ('https://swscan.apple.com/content/catalogs/others/'
'index-10.14-10.13-10.12-10.11-10.10-10.9-mountainlion-lion-snowleopard-'
'leopard.merged-1.sucatalog')
to /var/lib/reposado/reposadolib/reposadypy
add RewriteCond %{HTTP_USER_AGENT} Darwin/18
RewriteRule ^/index.sucatalog$ http://%{HTTP_HOST}/index-10.14-10.13-10.12-10.11-10.10-10.9-mountainlion-lion-snowleopard-leopard.merged-1.sucatalog
to /etc/apache2/sites-enabled/000-default.conf
run /var/lib/reposado/repo_sync and verify the new updates are added
restart apache
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-28-2018 07:17 AM
It actually looks like they're going to be releasing version 5 very shortly if you look at the NetSUS GitHub site. The PR is massive - https://github.com/jamf/NetSUS/pull/111
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-01-2018 02:19 PM
What's the best way to upgrade 4.2.1 to 5.0? Or, do you make a new server?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-02-2018 05:36 AM
I asked or VM admin to spin up a new server. There is not much to configure other than change account password / AD integration, set time zone and select catalogs to sync. Next step is to redirect select test computers to this new netsus. If all goes well, I'll put in a request to swap the DNS name.
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-02-2018 05:44 AM
Netsus 5, initial sync is taking a really long time. I checked the "Store Updates on this Server" and I'm guessing it is downloading the Apple updates onto the Netsus server. So far 40GB downloaded and still growing.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-02-2018 07:40 AM
If you're storing updates on the NetSUS box then it will be a very long initial sync. With just the 10.12, 10.13, and 10.14 catalogs selected it was about 400GB.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-02-2018 09:45 AM
I appreciate all the helpful comments everyone. I'll look at getting a new server spun up and have it switched over when all is good.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 11-28-2018 03:00 PM
I finally got the NetSUS 5.0 SUS to work for Mojave clients. Maybe the following is helpful to anyone…
The usual was setting our SUS on a client like so:
sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate
CatalogURL https://oursus.ourdomain.tldDespite having a proper (letsencrypt) certificate (which was entered into the web UI manually), I had to disable extended TLS certificate validation on the client like so:
sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate
SUDisableEVCheck -bool TRUEOtherwise when doing a softwareupdate -l on a client I'd get an error message like Can’t establish a secure connection to the Apple Software Update server.
And finally (not sure if this was actually needed) I adjusted a pattern in some javascript validation code, so it would let me set a https base URL, for which I opened this issue
Reply
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 12-07-2018 05:46 AM
Just an idea for those struggling with Mojave Certificate issue with NetSUS 5. You can host the catalog files on a secure public web server and redirect the clients to that secure public URL. Added bonus, remote clients don't need VPN to check for updates. The only extra step is asking the web admin to copy and overwrite the files every time the catalogs are updated through Netsus. Our savvy web admin even offloaded the task by automating the copy at a scheduled interval.
