Jamf Nation Community

dyossi · ‎10-17-2013

I have created network segments for my Distribution Points and my Software Update Servers. If I want my users to switch to Apple servers for Software Updates outside my network can I do the following. Can I create a network segment of 1.0.0.1-255.255.255.254 and specify the Default Software Update Server as "No Software Update Server"? Will this switch the Update Server to Apple offsite and then use the Default Update servers that I have setup for my onsite network segments?

bog · ‎10-18-2013

Wouldn't that external range include all of your internal ranges?

mm2270 · ‎10-18-2013

@bog, No, thats not the way Network Segments work. You can define an "Internet" segment that encompasses all your internal smaller segments, but those smaller ones will still apply to any Macs that fall into them properly. That's essentially how we have things set up. As many Network Segments as we were able to identify were created in the JSS, and then we have a global "internet" one for any Macs that don't fall into any of those more specific ones.

@dyossi, as for how to get your Macs to point to Apple's SUS., I actually thought there was a built in "apple.com" one as part of the JSS, but looking again I only see "No Software Update server". I'm not sure if that actually reverts them back to apple.com or not though. I guess you can give it a try and see.

Edit: Ah, I know where the 'apple.com' address shows up now. In a policy within the Override default policy settings > Software Update Server list, but that may not actually help you in this case.

bentoms · ‎10-19-2013

@bog, just to echo @mm2270 that's what we do & it works well.

@dyossi there is also the JAMF binary command:

sudo jamf removeSWUSettings

If using self service or a policy, you could scope it to the external network segment. Then run the above command before performing a software update.

Jamf Nation Community

Network Segments and SUS