Help

Slow to shutdown when not connect to internal network.

jhalvorson
Valued Contributor

Posted on ‎05-19-2009 02:47 PM

Multiple Macs are slow to shutdown when not connect to our internal network.
The shutdown process takes about 60 seconds. If they are connect to our
internal network, the shutdown process is quick.

The reports from users come in waves. It's not entirely clear to me if it
is related certain updates from Apple, but the problem is occurring again.

I've compared the Console "All Messages" between a normal shutdown and the
slow shut down. The normal shutdown occurred when the same system was
connected to our internal network. The key difference that I see is the one
minute pause when JAMF is attempting to check for logout policies:

5/19/09 3:39:09 PM com.apple.loginwindow[34] Checking for policies
triggered by "logout" for user "mac"...
5/19/09 3:39:09 PM com.apple.loginwindow[34] Gathering Policy
Information from https://jss.domain.edu:8443/...
5/19/09 3:40:09 PM com.apple.loginwindow[34] Could not connect to the
JSS. Looking for cached policies...

Besides exposing the jss to our DMZ, is there any other way to avoid this?
Is it really the JAMF client that causing the delay on shutdown or it is
something with Mac OS X 10.5.7?

Jason

0 Kudos
Reply
3 REPLIES 3

Chittles
New Contributor

Posted on ‎06-03-2009 12:34 AM

Hi Jason,

I was plagued with the same issue and would hear about it from some of our
users sporadically. I had the same log msgs you list. After working with
JAMF support, we discovered that the issue was with my ISP. In my case, the
problem was that my provider routes unresolvable domain requests to their
own custom search page. When the JSS task would try to run at logout, it
would look for our internal server, my ISP would see it was unresolvable and
route it through a slew of hops and land on their domain server. The JSS
task, not receiving instructions, would wait for roughly one minute before
finally giving up. My ISP provides alternate 'opt-out' DNS servers, so I
popped those in my Network settings and voila! all good.

You can quickly check to see if this is happening to your users by having
them run a traceroute in Terminal (traceroute yourJSSserver.mayo.edu) or
Network Utility from their outside networks. If it doesn't die immediately
and looks like it is trying to resolve it, then they may be having the same
issue. If so, a quick workaround (while you search for a more permanent
fix) is to have them turn off their network connections before logging
out/shutting down.

Good luck!

David

0 Kudos
Reply

Not applicable

Posted on ‎06-03-2009 11:12 PM

Dear Jason and David,
I have the same problem, of course my JSS is a private network, but still the same issue.

My main problem is that I deployed this on all the laptops inhouse, and they use them all around the world and home for work.

I have think of 2 solutions

1- Reduce the amount of time JSS takes to contact the server. Do anybody knows how to do this?
2- Create an logout and login script hook to disable/enable network ports. Have you something like this? I will try to focus on this before next week or ask the people from JSS at the WWDC

cheers and many thanks
carmelo

0 Kudos
Reply

Not applicable

Posted on ‎06-04-2009 12:32 AM

Hi all,

so far this is what I did to fix this issue until Jamfsoftware comes with a solution

- create 2 scripts, one to disable network on logout and one to enable on login

enable-net.sh

#!/bin/bash

ifconfig en1 up

ifconfig en0 up

disable-net.sh

#!/bin/bash

ifconfig en1 down

ifconfig en0 down

- Create a package to deploy this 2 files (with 777 permissions) to /

- Create a package to run the fix script

Now I modified the LoginHook and LogoutHook with an script

Network-fix.sh

#!/bin/sh

defaults write com.apple.loginwindow LoginHook /enable-net.sh

defaults write com.apple.loginwindow LogoutHook /disable-net.sh

Hope this helps somebody.

If you have an easier solution, please let me know

cheers

Carmelo

0 Kudos
Reply