Jamf Nation Community

roiegat · ‎12-09-2015

So I got three NetSUS's working nicely in our environment and 99% of the machines are able to connect to it fine and get updates. So I've been working on that 1% and found a pattern. When they try to run the softwareupdate -l command it shows the following error:

Software Update Tool
Copyright 2002-2012 Apple Inc.

Finding available software
2015-12-09 09:51:59.890 softwareupdate[2284:23223] 2284: CFNetwork internal error (0xc01a:/SourceCache/CFNetwork/CFNetwork-720.3.13/ProjectRuntime/SerializableArchive.cpp:560)
2015-12-09 09:51:59.890 softwareupdate[2284:23223] 2284: CFNetwork internal error (0xc01a:/SourceCache/CFNetwork/CFNetwork-720.3.13/ProjectRuntime/SerializableArchive.cpp:163)
2015-12-09 09:51:59.890 softwareupdate[2284:23223] 2284: CFNetwork internal error (0xc01a:/SourceCache/CFNetwork/CFNetwork-720.3.13/ProjectRuntime/SerializableArchive.cpp:560)
2015-12-09 09:51:59.890 softwareupdate[2284:23223] 2284: CFNetwork internal error (0xc01a:/SourceCache/CFNetwork/CFNetwork-720.3.13/ProjectRuntime/SerializableArchive.cpp:163)
2015-12-09 09:52:00.045 softwareupdate[2284:23223] 2284: CFNetwork internal error (0xc01a:/SourceCache/CFNetwork/CFNetwork-720.3.13/ProjectRuntime/SerializableArchive.cpp:560)
2015-12-09 09:52:00.045 softwareupdate[2284:23223] 2284: CFNetwork internal error (0xc01a:/SourceCache/CFNetwork/CFNetwork-720.3.13/ProjectRuntime/SerializableArchive.cpp:163)
2015-12-09 09:52:00.045 softwareupdate[2284:23223] 2284: CFNetwork internal error (0xc01a:/SourceCache/CFNetwork/CFNetwork-720.3.13/ProjectRuntime/SerializableArchive.cpp:560)
2015-12-09 09:52:00.045 softwareupdate[2284:23223] 2284: CFNetwork internal error (0xc01a:/SourceCache/CFNetwork/CFNetwork-720.3.13/ProjectRuntime/SerializableArchive.cpp:163)
Can't load data from the Apple Software Update server.

Can't seem to figure out whats causing this. The machines are able to talk to Casper fine and get policies without issue. All network settings on them are working fine. What am I missing?

bentoms · ‎12-09-2015

@roiegat Proxy?

roiegat · ‎12-09-2015

@bentoms We use proxy to get to external sites, but all the NetSus are internal. So in theory it should be using the proxy right?

Josh_Smith · ‎12-09-2015

Are the 1% missing a proxy exception and trying to go external for your internal SUS? Can you ping the proxy server by DNS name? By IP?

roiegat · ‎12-09-2015

@Josh.Smith Just checked on one of the machines and it's got the proxy bypass with the right information and I can ping the proxy from the computer itself. I can also get to external websites from the machine as well. So it's very perplexing.

UPDATE: Also just ssh'd into one of the effected machines and was able to run the curl command and get the html from the SUS ok...so it can talk to the SUS ok. Just getting the error on softwareudpate -l command.

Josh_Smith · ‎12-09-2015

@roiegat Sorry that was a mistake by me....I meant ping the SUS, not the proxy. You might want to verify the machine is looking at the right SUS too, if you haven't:

defaults read /Library/Preferences/com.apple.SoftwareUpdate CatalogURL

roiegat · ‎12-09-2015

@John.Smith Yeah it's pingable......which is the odd part. I have the defautls command as a extension attribute to make sure the machines are pointed to the right servers. I ran it locally on the machine and it's pointing correctly.

So here's another oddity I just discovered. If I run softwareupdate -l or -ia on the machines, I get the errors above. But if I run a sudo jamf policy with a policy that runs the software update - it works fine. It makes no sense.

So I might have to change the script we use in building then to just call that policy. But it's essentially doing the same thing in setting the software udpate server and then asking for the updates.

Jamf Nation Community

Odd SUS error.....