We've got a NetSUS setup - thanks to it, we're able to point the root account on our boxes to the internal NetSUS and get accurate reporting. I'm seeing a few odd things that I can't seem to account for though. More on that in a minute.
What I'm tying to accomplish:
1) Manage the SUS address used by our clients to connect to our internal SUS, to ensure that I'm able to report on available updates to the JSS (we're behind a proxy, so I've setup a SUS to ensure we can get reporting in the JSS)
2) Be able to manage the availability of those updates via the SUS, and ensure that that's all the clients will see
3) Have clients pull those updates down from Apple directly if need be
But I still seem to have 3 issues:
1) Client machines still appear to be hitting apple.com for their updates (no sign of our SUS name in the Software Update box's title bar)
2) When I manually set the /var/root/Library/com.apple.SoftwareUpdate preference to the internal NetSUS - now I see the title, but only 1/2 of the updates (even though the inventory JSS reports ALL of them correctly!?)
3) Setting the /var/root/ preference via the JSS (I'm being lazy and using the Advanced>Run Command portion in a policy), results in update availability being reported to the JSS, but not in the client actually using our SUS. Running the same command as root on the box - the exact same command, results in the SUS preference being set, and the Software Update window's title bar to reflect that it's connecting to our internal NetSUS.
I'm open to suggestions here - and a little baffeled why the same command issued directly on a client machine has a different result then the same command issued on via the JSS.
