Help

Software Updates OSX Server10.7

abz_mungul
New Contributor III

Posted on ‎12-01-2011 08:01 AM

Hi All

I wanted to know if anyone had success with this, I'm trying to get Apple
updates working, but because we are behind an authenticated Proxy (we are
using Squid) I'm have "no Connection" errors.

I've tried using squidman but with limited/unreliable success.

So far the way I've partially got around the problem is to bypass each of
the URLs in the squid config file

The problem is that i can't download any updates above 10.5 possibly
because Apple have changed the URLs for 10.6 and 10.7 updates

Anyway, to get around this problem im thinking of using to networks connect
to my xserve

Interface 0 will be for our internal LAN

Interface 1 will be a different network with non proxy connection to the
internet

does anyone know if this is possible or a better way of doing this?

I assume I have to change the routing tables on the Xserve, but wanted to
hear other views before I action this

Thanks

Abz

-- Network and Server Operational Support

Mobile: 07771 725 785

Los Angeles · Detroit · Toronto · New York · London · Cologne · Stockholm ·
Singapore · Hong Kong · Shanghai · Tokyo · Sydney

Imagination · London
25 Store Street South Crescent, London WC1E 7BL, United Kingdom
Tel +44 20 7323 3300 Fax +44 20 7462 2837
www.imagination.com

0 Kudos
Reply
12 REPLIES 12

Walter
New Contributor II

Posted on ‎12-01-2011 12:27 AM

Jared,

Perhaps you could post a KB on JAMF Nation linking to Apple's KB (your KB on Apple's website).

Walter
--
Walter Rowe, System Hosting
Enterprise Systems / OISM
walter.rowe at nist.gov<mailto:walter.rowe at nist.gov>
301-975-2885

0 Kudos
Reply

bentoms
Release Candidate Programs Tester

Posted on ‎12-01-2011 08:49 AM

Hi Abz,

I'm having issues with non-authenticated proxy too.

Currently having a SUS with direct access seems to work.

This advises to n to use a proxy (http://support.apple.com/kb/ht3923).

The interface option MAY work, but i'd do it in the opposite order OR possibly have a master sus that is unproxied & is using just external DNS & then replicate from there (http://support.apple.com/kb/HT3765).

0 Kudos
Reply

abz_mungul
New Contributor III

Posted on ‎12-01-2011 09:44 AM

Hi Ben

It just makes no sense why Apple would do this, most corporate environments
have Proxy connections, frustrating to say the least.

Just so I'm clear with the replication option

  1. Have a master "update Server" that has direct access to the internet,
    get this to download all the updates

  2. cascade this to "internal" Casper Server and use this to push out

What I previously tried was to get the updates downloaded via a OSX Server
that had direct Internet access then manually copy the downloaded files to
the same directory on my Casper Server..hoping it would pick up the
updates...unfortunately it did not. *Sigh*

A

0 Kudos
Reply

Walter
New Contributor II

Posted on ‎12-01-2011 10:44 AM

On a client, you can configure proxies. You can do that on servers too. Web browsing with Safari uses those proxies. Does SUS honor those proxy settings?
--
Walter Rowe, System Hosting
Enterprise Systems / OISM
walter.rowe at nist.gov<mailto:walter.rowe at nist.gov>
301-975-2885

0 Kudos
Reply

abz_mungul
New Contributor III

Posted on ‎12-01-2011 10:48 AM

it doesn't seem so, which is annoying

0 Kudos
Reply

nessts
Valued Contributor II

Posted on ‎12-01-2011 10:50 AM

mine work through the proxy.
--
Todd Ness
Technology Consultant/Non-Windows Services
Americas Regional Delivery Engineering
HP Enterprise Services

0 Kudos
Reply

bentoms
Release Candidate Programs Tester

Posted on ‎12-01-2011 11:07 AM

Thanks Walter & Todd. Are you guys using a PAC file or do you manually enter the proxies settings?

I was just going by the difficulties I've had & the following KB http://support.apple.com/kb/ht3923

AFAIK the issue is that some unix executables are not proxy aware.

Regards,

Ben.

0 Kudos
Reply

jarednichols
Honored Contributor

Posted on ‎12-01-2011 11:19 AM

Have a look at this one: http://support.apple.com/kb/TS3099

I pretty much wrote it for Apple. My name should be on that damn article... I've still found instances beyond 10.6.3 where you need to modify the LaunchDaemon.

j
---
Jared F. Nichols
Desktop Engineer, Client Services
Information Services Department
MIT Lincoln Laboratory
244 Wood Street
Lexington, Massachusetts 02420
781.981.5436

0 Kudos
Reply

bentoms
Release Candidate Programs Tester

Posted on ‎12-01-2011 11:30 AM

Many thanks Jared.

Looks like I need to stop using the PAC file.

Maybe the same issue for you Abz?

Regards,

Ben.

0 Kudos
Reply

bentoms
Release Candidate Programs Tester

Posted on ‎12-01-2011 11:37 AM

Also, is there a trick to searching apple KB's?? I didn't get those KB's appear when I was searching earlier. :(

Regards,

Ben.

0 Kudos
Reply

bentoms
Release Candidate Programs Tester

Posted on ‎12-01-2011 11:56 AM

Actually. The kb I linked is linked to by your KB's when you click the link about authenticated proxy.

(this is where we are going, so I guess I should still put the change request in).

Regards,

Ben.

0 Kudos
Reply

abz_mungul
New Contributor III

Posted on ‎12-02-2011 12:45 AM

Thanks all for your help

I'm going to have another play with proxyman to see where I get.

Then perhaps look into using two networks via two Ethernet cards

Abz

0 Kudos
Reply