Help

QuickAdd won't download from DMZ JSS

DBrowning
Valued Contributor II

Posted on ‎06-30-2015 04:46 AM

I have a JSS in the DMZ as a check-in point for when users are not on the internal network. I am 97% sure that if a machine attempted to enroll using https://casper.mydomain.com:8443/enroll they should be able to download the QuickAdd package no problem and install. What we are seeing is that the user will Auth when prompted and then click on the Download Button but they it just sticks there. Nothing ever downloads. If they jump on VPN and do the same steps the package downloads from the internal Master JSS.

Is this how it works or am I crazy thinking the package would download from the external JSS as well?

0 Kudos
10 REPLIES 10

kitzy
Contributor III

Posted on ‎06-30-2015 05:41 AM

The Quickadd.pkg should absolutely download from your DMZ JSS. What platform is your DMZ JSS hosted on? Is it different than your internal JSS?

0 Kudos

DBrowning
Valued Contributor II

Posted on ‎06-30-2015 09:34 AM

Both are Windows server 2012

0 Kudos

alexjdale
Valued Contributor III

Posted on ‎07-02-2015 07:46 AM

We've had lots of issues with the QuickAdd not downloading, like you described, but this is just on a standard JSS (9.63 on Win 2008 R2). I find if you go through the enrollment page twice it will usually download after the second time. I can't explain it.

0 Kudos

russeller
Contributor III

Posted on ‎07-03-2015 07:43 AM

Take a look at this: External JSS Network Segment

Good luck.

0 Kudos

DBrowning
Valued Contributor II

Posted on ‎07-09-2015 03:28 PM

@ssrussell @kitzy

so does the quick add download from a DP or from the JSS its self?

0 Kudos

russeller
Contributor III

Posted on ‎07-12-2015 04:35 PM

Sorry @ddcdennisb since you never have to upload a quick add package im assuming the JSS itself is generating the quick add.

If you are enrolling through Casper imaging it don't believe it ever uses a quick add rather it copies the JAMF binary and runs commands that would exist in postflight of the quick add (enrollment, etc)

Do you have one JSS or do you have multiple in a cluster or multiple JSS web front ends without a cluster? If you have 2 JSS web front ends that are not clustered maybe the external client is trying to talk to the main JSS and not the secondary.

@kitzy would probably have a better idea. Good luck.

0 Kudos

DBrowning
Valued Contributor II

Posted on ‎07-13-2015 04:11 AM

thanks @ssrussell I have 2 JSS's. One that is on a DMZ to allow for check-ins from outside our network. And the other is internal to our network. When someone external connects to the VPN the enrollment works fine when they go to https://jss.mycompany.com:8443/enroll but when they are external and NOT on VPN then the page just hangs after the Download Button is clicked and the download never starts.

0 Kudos

russeller
Contributor III

Posted on ‎07-13-2015 10:07 AM

@ddcdennisb You've probably already checked this Network Ports Used by the Casper Suite Have you been able to check these ports externally to make sure they are all working?

If you can log into your JSS externally (which I know is bad practice, but maybe for a test) You can go to:

Settings > Computer Management > Self Service and click the "Download" externally to see if that downloads. Hopefully that'll help rule out if it is something with enrollment or the JSS is not downloading.

You can change whether or not your can access the login for the JSS externally from:

Settings > System Settings > Limited Access

Good luck.

0 Kudos

DBrowning
Valued Contributor II

Posted on ‎07-14-2015 07:26 AM

@ssrussell so odd thing i found yesterday/last night. If you use Safari the quickadd package will download. Using Chrome or FireFox it will not download.

0 Kudos

tmuzica
New Contributor

Posted on ‎08-19-2015 02:10 PM

Try to open https://casper.mydomain.com:8443/enroll and apply your credentials one more time. In my case, I have to apply my credentials twice to make it work.

0 Kudos