From Chris.Lang at vu.edu.au Sun Aug 3 21:06:58 2008 From: Chris.Lang at vu.edu.au (Chris Lang) Date: Mon, 04 Aug 2008 14:06:58 +1000 Subject: [Casper] Packaging Symantec Antivirus version 10 Message-ID: Hi All, I am a new user to Casper and had a quick query. I have packaged up Symantec Antivirus for OS X version 10. Which seems to work fine. When I deploy it though the app works fine but live update and the scheduler fail with errors. Has anyone packaged this up successfully or had issues similar to mine when doing it? Regards, Chris Lang Chris Lang Support Services Advisor Client Services Information Technology Services Phone: +61 3 9919 2735 Fax: +61 3 9919 2785 Mobile: +61 411 259 496 Email: Chris.Lang at vu.edu.au -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080804/3b62bc41/attachment.html From william.smith at merrillcorp.com Mon Aug 4 07:34:59 2008 From: william.smith at merrillcorp.com (Smith, William) Date: Mon, 04 Aug 2008 09:34:59 -0500 Subject: [Casper] Packaging Symantec Antivirus version 10 In-Reply-To: Message-ID: On 8/3/08 11:06 PM, "Chris Lang" wrote: > Hi All, > > I am a new user to Casper and had a quick query. > > I have packaged up Symantec Antivirus for OS X version 10. Which seems to > work fine. When I deploy it though the app works fine but live update and the > scheduler fail with errors. Has anyone packaged this up successfully or had > issues similar to mine when doing it? Hi Chris! No need to package SAV. You can deploy .pkg files with Casper. We have created additional packages for preferences, internal LiveUpdate server address and the SACM client and also have a script that runs after imaging to update antivirus definitions. Be sure you're running the latest version, which is 10.2.x, so that you also get the menu icon. With 10.1 and earlier that was a separate install. -- bill William M. Smith, Technical Analyst MCS IT Merrill Communications, LLC (651) 632-1492 From ERNSTCS at uwec.edu Mon Aug 4 13:20:39 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Mon, 4 Aug 2008 15:20:39 -0500 Subject: [Casper] Old Xserve Hardware Message-ID: Afternoon, Totally unrelated to the JSS product (although they did run it for me for a long time now), but I'm drawing on the community aspect of JAMF here. I have two PowerPC Xserve G5 systems, Single 2GHz, 2GB, 3 x 80GB drives, and I'm wondering if there is any interest in them somehow. I'm not really seeing much for these systems on eBay. They need a good home for the right price...which currently has not been set. Ping me if you have interest or forward on to someone who may. Thanks, Craig Ernst Systems Management & Configuration ---------------------------------- University of Wisconsin-Eau Claire Learning & Technology Services 105 Garfield Ave Eau Claire, WI 54701 Phone: (715) 836-3639 Fax: (715) 836-6001 ---------------------------------- ernstcs at uwec.edu From swood at integerdallas.com Mon Aug 4 16:14:03 2008 From: swood at integerdallas.com (Steve Wood) Date: Mon, 04 Aug 2008 18:14:03 -0500 Subject: [Casper] Change jamf Helper Splash Screen Message-ID: Is there a way to customize the new splash screen that shows up after imaging a machine and installing say Adobe products? Nice touch by the way, it makes it easier to notice a machine is being imaged still instead of looking for the jamf helper name in the menu bar. However, I?d like to throw our company logo in there maybe, and maybe throw some text in that splash screen. Is it possible? Steve Wood Director of IT swood at integerdallas.com The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201 T 214.758.6813 | F 214.758.6901 | C 940.312.2475 -- The information contained in this email transmission is solely for the addressee(s) named above and is privileged and/or confidential. If the reader of this message is not the intended recipient or the person responsible to deliver it to the intended recipient; he or she is prohibited from reading or disclosing the information contained in this transmission. Any examination, use, dissemination, distribution, or copying of this communication is strictly prohibited. Please contact us immediately by telephone for instructions if you have received this communication in error: (214) 758-6800 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080804/a46da83d/attachment.htm From ERNSTCS at uwec.edu Mon Aug 4 17:53:28 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Mon, 4 Aug 2008 19:53:28 -0500 Subject: [Casper] Change jamf Helper Splash Screen In-Reply-To: Message-ID: I had a similar request for customization so I could script the installation of like Final Cut Pro to happen at startup as well so the package wasn't cached, it's just so big with the content. It'd call the binary with the text/images I'd want on the screen, etc. I like your idea. Craig E On 8/4/08 6:14 PM, "Steve Wood" wrote: Is there a way to customize the new splash screen that shows up after imaging a machine and installing say Adobe products? Nice touch by the way, it makes it easier to notice a machine is being imaged still instead of looking for the jamf helper name in the menu bar. However, I'd like to throw our company logo in there maybe, and maybe throw some text in that splash screen. Is it possible? Steve Wood Director of IT swood at integerdallas.com The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201 T 214.758.6813 | F 214.758.6901 | C 940.312.2475 ________________________________ -- The information contained in this email transmission is solely for the addressee(s) named above and is privileged and/or confidential. If the reader of this message is not the intended recipient or the person responsible to deliver it to the intended recipient; he or she is prohibited from reading or disclosing the information contained in this transmission. Any examination, use, dissemination, distribution, or copying of this communication is strictly prohibited. Please contact us immediately by telephone for instructions if you have received this communication in error: (214) 758-6800 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080804/92ec6301/attachment.htm From CMyers at uclan.ac.uk Tue Aug 5 01:58:47 2008 From: CMyers at uclan.ac.uk (Criss Myers) Date: Tue, 05 Aug 2008 09:58:47 +0100 Subject: [Casper] Change jamf Helper Splash Screen In-Reply-To: References: Message-ID: <48982457.BB96.0081.0@uclan.ac.uk> Hi, I would go along with this and love to be able to edit the first run to add final cut studio, logic studio and komplete all of which are over 40gb installs, Also editing the Self Service background would be nice as well with a corporate logo Criss Criss Myers Senior Customer Support Analyst (Mac Services) Apple Certified Technical Coordinator v10.5 LIS Business Support Team Library 301 University of Central Lancashire Preston PR1 2HE Ex 5054 01772 895054 >>> On Tue, Aug 5, 2008 at 12:14 AM, in message , Steve Wood wrote: Is there a way to customize the new splash screen that shows up after imaging a machine and installing say Adobe products? Nice touch by the way, it makes it easier to notice a machine is being imaged still instead of looking for the jamf helper name in the menu bar. However, I?d like to throw our company logo in there maybe, and maybe throw some text in that splash screen. Is it possible? Steve Wood Director of IT swood at integerdallas.com The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201 T 214.758.6813 | F 214.758.6901 | C 940.312.2475 > >> -- > The information contained in this email transmission is solely for the addressee(s) named above and is privileged and/or confidential. If the reader of this message is not the intended recipient or the person responsible to deliver it to the intended recipient; he or she is prohibited from reading or disclosing the information contained in this transmission. Any examination, use, dissemination, distribution, or copying of this communication is strictly prohibited. Please contact us immediately by telephone for instructions if you have received this communication in error: (214) 758-6800 > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080805/bc9335db/attachment.html From ERNSTCS at uwec.edu Tue Aug 5 05:49:36 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Tue, 5 Aug 2008 07:49:36 -0500 Subject: [Casper] Change jamf Helper Splash Screen In-Reply-To: <48982457.BB96.0081.0@uclan.ac.uk> Message-ID: Hi Criss, You can modify the first run script at least to be able to install things by creating a script you have set to run at reboot that calls the binary using the install verb, but of course you can't call the jamf helper splash screen. You probably already knew this and specifically meant edit it like we've said with the splash screen so sorry if I'm repeating info. Craig E On 8/5/08 3:58 AM, "Criss Myers" wrote: Hi, I would go along with this and love to be able to edit the first run to add final cut studio, logic studio and komplete all of which are over 40gb installs, Also editing the Self Service background would be nice as well with a corporate logo Criss Criss Myers Senior Customer Support Analyst (Mac Services) Apple Certified Technical Coordinator v10.5 LIS Business Support Team Library 301 University of Central Lancashire Preston PR1 2HE Ex 5054 01772 895054 >>> On Tue, Aug 5, 2008 at 12:14 AM, in message , Steve Wood wrote: Is there a way to customize the new splash screen that shows up after imaging a machine and installing say Adobe products? Nice touch by the way, it makes it easier to notice a machine is being imaged still instead of looking for the jamf helper name in the menu bar. However, I'd like to throw our company logo in there maybe, and maybe throw some text in that splash screen. Is it possible? Steve Wood Director of IT swood at integerdallas.com The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201 T 214.758.6813 | F 214.758.6901 | C 940.312.2475 > > ________________________________ > -- > The information contained in this email transmission is solely for the addressee(s) named above and is privileged and/or confidential. If the reader of this message is not the intended recipient or the person responsible to deliver it to the intended recipient; he or she is prohibited from reading or disclosing the information contained in this transmission. Any examination, use, dissemination, distribution, or copying of this communication is strictly prohibited. Please contact us immediately by telephone for instructions if you have received this communication in error: (214) 758-6800 > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080805/0db9ccf6/attachment-0001.html From tgreenleaf at saintmarksschool.org Tue Aug 5 12:26:52 2008 From: tgreenleaf at saintmarksschool.org (Tatian Greenleaf) Date: Tue, 05 Aug 2008 12:26:52 -0700 Subject: [Casper] Computer name won't stick Message-ID: This isn't directly related to Casper, but it is a problem I'm having after I re-image computers. On about half of our eMacs, the Computer Name (sharing name) will not stick. I can change it in the Sharing pref panel, but after restarting the computer, it reverts back. Has anyone experienced this? I read that it could be related to open directory / LDAP settings, but I don't know how to prevent it from happening. ____________________________ Tatian Greenleaf Associate Director of Technology Saint Mark's School (415) 472-8000 x1014 From NATHANIEL.LINDLEY at spps.org Tue Aug 5 12:39:44 2008 From: NATHANIEL.LINDLEY at spps.org (NATHANIEL.LINDLEY at spps.org) Date: Tue, 5 Aug 2008 14:39:44 -0500 Subject: [Casper] Computer name won't stick In-Reply-To: Message-ID: Tatian, Check in Workgroup Manager to see if the computers are part of a list and you have the "enforce computer name" checkbox in WGM for that machine or group. -Nathaniel "Tatian Greenleaf" Sent by: casper-bounces at list.jamfsoftware.com 08/05/08 02:26 PM To casper at list.jamfsoftware.com cc Subject [Casper] Computer name won't stick This isn't directly related to Casper, but it is a problem I'm having after I re-image computers. On about half of our eMacs, the Computer Name (sharing name) will not stick. I can change it in the Sharing pref panel, but after restarting the computer, it reverts back. Has anyone experienced this? I read that it could be related to open directory / LDAP settings, but I don't know how to prevent it from happening. ____________________________ Tatian Greenleaf Associate Director of Technology Saint Mark's School (415) 472-8000 x1014 _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080805/7c345c42/attachment.htm From tgreenleaf at saintmarksschool.org Wed Aug 6 16:29:57 2008 From: tgreenleaf at saintmarksschool.org (Tatian Greenleaf) Date: Wed, 06 Aug 2008 16:29:57 -0700 Subject: [Casper] Computer name won't stick [FIXED] In-Reply-To: References: Message-ID: Thanks... I had a tough time finding the checkbox, but once I did, it seems to have done the trick: [Image:8608_43019_0.png] Tatian casper at list.jamfsoftware.com writes: >Message: 2 >Date: Tue, 5 Aug 2008 14:39:44 -0500 >From: NATHANIEL.LINDLEY at spps.org >Subject: Re: [Casper] Computer name won't stick >To: "Tatian Greenleaf" >Cc: casper-bounces at list.jamfsoftware.com, casper at list.jamfsoftware.com >Message-ID: > >Content-Type: text/plain; charset="us-ascii" > >Tatian, >Check in Workgroup Manager to see if the computers are part of a list and >you have the "enforce computer name" checkbox in WGM for that machine or >group. >-Nathaniel -------------- next part -------------- A non-text attachment was scrubbed... Name: 8608_43019_0.png Type: image/png Size: 7733 bytes Desc: not available Url : http://list.jamfsoftware.com/pipermail/casper/attachments/20080806/9e453031/attachment.png From rcorbin at mac.com Thu Aug 7 11:10:28 2008 From: rcorbin at mac.com (Roger Corbin) Date: Thu, 07 Aug 2008 11:10:28 -0700 Subject: [Casper] Enable Leopard Guest Account ? In-Reply-To: <51FB031C-BC46-45D5-881A-B57E2B7DF760@apple.com> References: <51FB031C-BC46-45D5-881A-B57E2B7DF760@apple.com> Message-ID: <1A4EC0CB-C209-4D75-93B4-377C0727FA8E@mac.com> Thanks for the tip on this John but I seem to have hit another strange roadblock. Is it just me or is there no way to browse the network for computers and add them as computer accounts in 10.5 server's Workgroup Manager ? There used to be a browse function in 10.4.x Workgroup Manager where you could browse the network for machines and then drag them in. I have been looking all over for this function in 10.5 WGM. After I couldn't find it I started reading through the manual to see what it says. All it mentions is adding them by MAC address. Is this feature really gone ? Are they planning to add it back ? As a plan B is there some way to import a list of MAC addresses ? I can't say I really want to enter in hundreds of MAC addresses in by hand. Roger Corbin Richmond School District #38 On 31-Jul-08, at 1:02 PM, John DeTroye wrote: > Workgroup Manager, Login prefs - has a checkbox to enable Guest > account on all managed systems. If you want it on only a few > systems, create a computer group of just those systems, then set > that pref just for that group. > > johnd > > On Jul 31, 2008, at 1:45 PM, Roger Corbin wrote: > >> The 10.5.x OS package that we are currently using has the Leopard >> guest account disabled. >> >> We have a few machines out there that we would actually like to >> enable >> this on. I'm trying to figure out if there >> is a way to enable it via command line, but I can't find any command >> line interface to that setting. >> >> Has anyone out there managed to do this ? >> >> I can have Casper create a guest account, but it would be nice to use >> the standard Leopard one as all the >> data gets erased each time a guest user logs out. >> >> Roger Corbin >> Richmond School District 38 >> _______________________________________________ >> Casper mailing list >> Casper at list.jamfsoftware.com >> http://list.jamfsoftware.com/mailman/listinfo/casper > > -- > John DeTroye Email: johnd at apple.com > Sr. Consulting Engineer Work: 303-933-1807 > Systems Management Specialist Fax: 303-979-6616 > Apple - Education iChat: johnd at mac.com > Tips and Tricks Docs - http://idisk.mac.com/johnd > -- > > > > From RIVERAR at email.chop.edu Thu Aug 7 12:00:51 2008 From: RIVERAR at email.chop.edu (Raymond Rivera) Date: Thu, 07 Aug 2008 15:00:51 -0400 Subject: [Casper] Casper Digest, Vol 20, Issue 4 Message-ID: I will be out of the office from Thursday , August 7 until Monday, August 11 and will be returning on Tuesday August 12. From rcorbin at mac.com Thu Aug 7 13:05:03 2008 From: rcorbin at mac.com (Roger Corbin) Date: Thu, 07 Aug 2008 13:05:03 -0700 Subject: [Casper] Enable Leopard Guest Account ? [Fixed] In-Reply-To: <1A4EC0CB-C209-4D75-93B4-377C0727FA8E@mac.com> References: <51FB031C-BC46-45D5-881A-B57E2B7DF760@apple.com> <1A4EC0CB-C209-4D75-93B4-377C0727FA8E@mac.com> Message-ID: With the help from someone on the OS X servers list I have it figured out. You need to go to the Computers Groups tab and look at the members section. At that point there is a button with a "..." label that if clicked on let's you browse the network and add members. Somehow it just wasn't as obvious as it was in 10.4. Roger On 7-Aug-08, at 11:10 AM, Roger Corbin wrote: > Thanks for the tip on this John but I seem to have hit another > strange roadblock. > > Is it just me or is there no way to browse the network for computers > and add them as computer accounts in 10.5 server's Workgroup > Manager ? There used to be a browse function in 10.4.x Workgroup > Manager where you could browse the network for machines and then > drag them in. I have been looking all over for this function in 10.5 > WGM. After I couldn't find it I started reading through the manual > to see what it says. All it mentions is adding them by MAC address. > Is this feature really gone ? Are they planning to add it back ? As > a plan B is there some way to import a list of MAC addresses ? I > can't say I really want to enter in hundreds of MAC addresses in by > hand. > > Roger Corbin > Richmond School District #38 > > On 31-Jul-08, at 1:02 PM, John DeTroye wrote: > >> Workgroup Manager, Login prefs - has a checkbox to enable Guest >> account on all managed systems. If you want it on only a few >> systems, create a computer group of just those systems, then set >> that pref just for that group. >> >> johnd >> >> On Jul 31, 2008, at 1:45 PM, Roger Corbin wrote: >> >>> The 10.5.x OS package that we are currently using has the Leopard >>> guest account disabled. >>> >>> We have a few machines out there that we would actually like to >>> enable >>> this on. I'm trying to figure out if there >>> is a way to enable it via command line, but I can't find any command >>> line interface to that setting. >>> >>> Has anyone out there managed to do this ? >>> >>> I can have Casper create a guest account, but it would be nice to >>> use >>> the standard Leopard one as all the >>> data gets erased each time a guest user logs out. >>> >>> Roger Corbin >>> Richmond School District 38 >>> _______________________________________________ >>> Casper mailing list >>> Casper at list.jamfsoftware.com >>> http://list.jamfsoftware.com/mailman/listinfo/casper >> >> -- >> John DeTroye Email: johnd at apple.com >> Sr. Consulting Engineer Work: 303-933-1807 >> Systems Management Specialist Fax: 303-979-6616 >> Apple - Education iChat: johnd at mac.com >> Tips and Tricks Docs - http://idisk.mac.com/johnd >> -- >> >> >> >> > From paul.austin at wachovia.com Sun Aug 10 17:39:34 2008 From: paul.austin at wachovia.com (Paul Austin) Date: Sun, 10 Aug 2008 20:39:34 -0400 Subject: [Casper] Office 2008 Template bug Message-ID: Has anyone been able to put together a package to deal with the Office 2008 template bug yet? This is the bug where Word, Powerpoint, and Excel files are saved as templates when saved from a web site or from an attachment in mail. Documentation on a fix for Office can be found in this posting: http://discussions.apple.com/message.jspa?messageID=6401575#6403855. I put together a package with the updated files in it, but have been unable to figure out a way to script the command. It needs to be run as each user on a system to function. Thanks Paul Austin Wachovia Desktop Services 704 427-0903 From ERNSTCS at uwec.edu Mon Aug 11 10:46:13 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Mon, 11 Aug 2008 12:46:13 -0500 Subject: [Casper] Change jamf Helper Splash Screen In-Reply-To: <48982457.BB96.0081.0@uclan.ac.uk> Message-ID: I have another use for being able to customize the jamfHelper, and that is for my nightly maintenance script I run at startup during a reboot in the AM. Depending on the amount of data being moved around it would be nice if someone couldn't see the login screen while that process was occurring and tell them maintenance is being performed until it had finished. Craig E On 8/5/08 3:58 AM, "Criss Myers" wrote: Hi, I would go along with this and love to be able to edit the first run to add final cut studio, logic studio and komplete all of which are over 40gb installs, Also editing the Self Service background would be nice as well with a corporate logo Criss Criss Myers Senior Customer Support Analyst (Mac Services) Apple Certified Technical Coordinator v10.5 LIS Business Support Team Library 301 University of Central Lancashire Preston PR1 2HE Ex 5054 01772 895054 >>> On Tue, Aug 5, 2008 at 12:14 AM, in message , Steve Wood wrote: Is there a way to customize the new splash screen that shows up after imaging a machine and installing say Adobe products? Nice touch by the way, it makes it easier to notice a machine is being imaged still instead of looking for the jamf helper name in the menu bar. However, I'd like to throw our company logo in there maybe, and maybe throw some text in that splash screen. Is it possible? Steve Wood Director of IT swood at integerdallas.com The Integer Group | 1999 Bryan St. | Ste. 1700 | Dallas, TX 75201 T 214.758.6813 | F 214.758.6901 | C 940.312.2475 > > ________________________________ > -- > The information contained in this email transmission is solely for the addressee(s) named above and is privileged and/or confidential. If the reader of this message is not the intended recipient or the person responsible to deliver it to the intended recipient; he or she is prohibited from reading or disclosing the information contained in this transmission. Any examination, use, dissemination, distribution, or copying of this communication is strictly prohibited. Please contact us immediately by telephone for instructions if you have received this communication in error: (214) 758-6800 > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080811/28ba0209/attachment.html From tgreenleaf at saintmarksschool.org Mon Aug 11 11:32:00 2008 From: tgreenleaf at saintmarksschool.org (Tatian Greenleaf) Date: Mon, 11 Aug 2008 11:32:00 -0700 Subject: [Casper] How to reset DNS for JSS? Message-ID: I can't seem to find this anywhere... how do I reset the IP Address/DNS for the JSS? I originally setup the JSS to use a DNS Name, but I now need to switch it back to an IP Address for use with netbooting. Thanks, ____________________________ Tatian Greenleaf Associate Director of Technology Saint Mark's School (415) 472-8000 x1014 From joelande at hibbing.k12.mn.us Mon Aug 11 11:44:03 2008 From: joelande at hibbing.k12.mn.us (Joel R. Anderson) Date: Mon, 11 Aug 2008 13:44:03 -0500 Subject: [Casper] How to reset DNS for JSS? In-Reply-To: References: Message-ID: "Tatian Greenleaf" on August 11, 2008 at 1:32 PM -0500 wrote: > I originally setup the JSS to use a DNS Name, but I now need >to switch it back to an IP Address for use with netbooting. I can't answer your specific question (we have only been running Casper for 10 days, and haven't had our "JumpStart" yet), but we NetBoot with JSS's DNS name without any problems. ''''''' ^-O-O-^ +----oOO----(_)--------------+ | Joel Anderson | | Director of Technology | | Hibbing Public Schools | | www.hibbing.k12.mn.us | +----------------------oOO---+ |__|__| || || ooO Ooo -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080811/48f7b682/attachment.html From tlarki at kckps.org Mon Aug 11 11:44:49 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Mon, 11 Aug 2008 13:44:49 -0500 Subject: [Casper] How to reset DNS for JSS? Message-ID: <48A0425102000039000011FD@gwoes4.kckps.org> When you create your Netboot installer/image it asks you to point it to your casper application. Before you create if, if you hold down the option key and open up Casper.app it will ask you for the JSS info. You can simply put an IP address in there instead of DNS. Or, if you are feeling tricky your client machines store the JSS info in /etc/jamf.conf so you can edit that holds the JSS info. For example, since I am at my iMac right this moment, I will show you what it looks like: tlarkin$ cat /etc/jamf.conf #### #### jamf.conf -- JAMF Software Configuration File #### this file will allow Recon, Casper and the jamf command line #### application to locate the JSS (JAMF Software Server) they need #### to communicate with serverAddress = xs001-casper.kckps.org serverPort = 9006 securePort = 8443 serverPath = ssl = true vncPort = 5999 Where it says "server address" you can just put in your IP instead of DNS, and then do a mass copy of that file via ARD admin or a casper policy or whatever. I think it would be easier to build the netboot image though the way I first explained it. Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 >>> "Tatian Greenleaf" 08/11/08 1:36 PM >>> I can't seem to find this anywhere... how do I reset the IP Address/DNS for the JSS? I originally setup the JSS to use a DNS Name, but I now need to switch it back to an IP Address for use with netbooting. Thanks, ____________________________ Tatian Greenleaf Associate Director of Technology Saint Mark's School (415) 472-8000 x1014 _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper From tlarki at kckps.org Mon Aug 11 11:46:41 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Mon, 11 Aug 2008 13:46:41 -0500 Subject: [Casper] How to reset DNS for JSS? Message-ID: <48A042C10200003900001202@gwoes4.kckps.org> I assume you are netbooting behind NAT? I just did the same thing and since I didn't feel like forwarding a bunch of ports for DNS to go through NAT, I just decided to do that same thing you did and do it by IP address. Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 >>> "Joel R. Anderson" 08/11/08 1:44 PM >>> "Tatian Greenleaf" on August 11, 2008 at 1:32 PM -0500 wrote: > I originally setup the JSS to use a DNS Name, but I now need >to switch it back to an IP Address for use with netbooting. I can't answer your specific question (we have only been running Casper for 10 days, and haven't had our "JumpStart" yet), but we NetBoot with JSS's DNS name without any problems. ''''''' ^-O-O-^ +----oOO----(_)--------------+ | Joel Anderson | | Director of Technology | | Hibbing Public Schools | | www.hibbing.k12.mn.us | +----------------------oOO---+ |__|__| || || ooO Ooo From ERNSTCS at uwec.edu Mon Aug 11 11:47:33 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Mon, 11 Aug 2008 13:47:33 -0500 Subject: [Casper] How to reset DNS for JSS? In-Reply-To: Message-ID: You can run the following command on the clients: /usr/sbin/jamf createConf -server -target '/Volumes/Macintosh HD' -port 9006 -securePort 8443 -ssl Check: /usr/sbin/jamf help createConf Craig E On 8/11/08 1:32 PM, "Tatian Greenleaf" wrote: I can't seem to find this anywhere... how do I reset the IP Address/DNS for the JSS? I originally setup the JSS to use a DNS Name, but I now need to switch it back to an IP Address for use with netbooting. Thanks, ____________________________ Tatian Greenleaf Associate Director of Technology Saint Mark's School (415) 472-8000 x1014 _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080811/10c7056c/attachment.htm From joelande at hibbing.k12.mn.us Mon Aug 11 11:48:09 2008 From: joelande at hibbing.k12.mn.us (Joel R. Anderson) Date: Mon, 11 Aug 2008 13:48:09 -0500 Subject: [Casper] How to reset DNS for JSS? In-Reply-To: <48A042C10200003900001202@gwoes4.kckps.org> References: <48A042C10200003900001202@gwoes4.kckps.org> Message-ID: "Thomas Larkin" on August 11, 2008 at 1:46 PM -0500 wrote: >I assume you are netbooting behind NAT? Yes, and using the FQDN works just fine ''''''' ^-O-O-^ +----oOO----(_)--------------+ | Joel Anderson | | Director of Technology | | Hibbing Public Schools | | www.hibbing.k12.mn.us | +----------------------oOO---+ |__|__| || || ooO Ooo -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080811/7b80f9cb/attachment.htm From tgreenleaf at saintmarksschool.org Mon Aug 11 11:46:55 2008 From: tgreenleaf at saintmarksschool.org (Tatian Greenleaf) Date: Mon, 11 Aug 2008 11:46:55 -0700 Subject: [Casper] How to reset DNS for JSS? In-Reply-To: References: Message-ID: Am I right in assuming that will only fix it on that individual client? I'm looking for a way at the server level, since all of my clients are trying to connect to the DNS Name and timing out. Tatian "Ernst, Craig S." writes: >You can run the following command on the clients: > >/usr/sbin/jamf createConf ?server -target ?/Volumes/Macintosh HD? >-porrt 9006 ?securePort 8443 ?ssl > >Check: /usr/sbin/jamf help createConf > >Craig E From tlarki at kckps.org Mon Aug 11 11:53:46 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Mon, 11 Aug 2008 13:53:46 -0500 Subject: [Casper] How to reset DNS for JSS? Message-ID: <48A0446A020000390000120D@gwoes4.kckps.org> If you are netbooting behind NAT, and want to use an IP instead of DNS just recreate the netboot image/installer and configure the casper app to look at the IP instead of the DNS, or modify the /etc/jamf.conf file like I had mentioned earlier. Hope that helps you, Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 >>> "Tatian Greenleaf" 08/11/08 1:51 PM >>> Am I right in assuming that will only fix it on that individual client? I'm looking for a way at the server level, since all of my clients are trying to connect to the DNS Name and timing out. Tatian "Ernst, Craig S." writes: >You can run the following command on the clients: > >/usr/sbin/jamf createConf ?server -target ?/Volumes/Macintosh HD? >-porrt 9006 ?securePort 8443 ?ssl > >Check: /usr/sbin/jamf help createConf > >Craig E _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper From ERNSTCS at uwec.edu Mon Aug 11 12:04:18 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Mon, 11 Aug 2008 14:04:18 -0500 Subject: [Casper] How to reset DNS for JSS? In-Reply-To: Message-ID: That's the thing though...the "Clients" are busted so you have to update the /etc/jamf.conf file on all the clients. If you use Casper (Remote) to perform this command on anything you can currently talk to this will fix the client piece. As far as when a new machine gets imaged then you have to do what Thomas suggests as the etc file gets written with the same server as the Casper (Imaging) application uses. Craig E On 8/11/08 1:46 PM, "Tatian Greenleaf" wrote: Am I right in assuming that will only fix it on that individual client? I'm looking for a way at the server level, since all of my clients are trying to connect to the DNS Name and timing out. Tatian "Ernst, Craig S." writes: >You can run the following command on the clients: > >/usr/sbin/jamf createConf -server -target '/Volumes/Macintosh HD' >-porrt 9006 -securePort 8443 -ssl > >Check: /usr/sbin/jamf help createConf > >Craig E -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080811/68f72a2a/attachment.htm From mwv1 at meadwestvaco.com Mon Aug 11 12:23:20 2008 From: mwv1 at meadwestvaco.com (Michael W VanVliet) Date: Mon, 11 Aug 2008 15:23:20 -0400 Subject: [Casper] Michael W VanVliet is out of the office. Message-ID: I will be out of the office starting 08/11/2008 and will not return until 08/18/2008. I will respond to your message when I return. This electronic message contains information from MeadWestvaco Corporation or subsidiary companies, which may be confidential, privileged or otherwise protected from disclosure. The information is intended to be used solely by the recipient(s) named. If you are not an intended recipient, be aware that any review, disclosure, copying, distribution or use of this transmission or its contents is prohibited. If you have received this transmission in error, please notify MeadWestvaco immediately at postmaster at mwv.com. From josh at jamfsoftware.com Mon Aug 11 12:54:32 2008 From: josh at jamfsoftware.com (Josh Holland) Date: Mon, 11 Aug 2008 12:54:32 -0700 Subject: [Casper] How to reset DNS for JSS? In-Reply-To: Message-ID: Hello, I just want to clarify what it is you are trying to accomplish. The JAMF configuration file (/etc/jamf.conf) on the client is only used for checking in to the JSS (ie for updating the client's IP and checking for Policies etc), and does not affect NetBoot. In fact, we recommend using a fully qualified DNS name for this. Your NetBoot server's IP address should be entered in the JSS > Management tab > NetBoot Servers. Once set there, when you tell your clients to NetBoot to a specific server using Casper Remote or a Policy, it will use that IP address. Please let me know if I am understanding the issue correctly, and if the above will resolve the problem. Thanks, Josh ............................................................................ Joshua Holland Sr. Systems Engineer ............................................................................ JAMF Software 1011 Washington Ave S. #350 Minneapolis, MN 55415 ............................................................................ Office (612) 605-6625 Fax (612) 332-9054 ............................................................................ http://www.jamfsoftware.com On 8/11/08 1:32 PM, "Tatian Greenleaf" wrote: I can't seem to find this anywhere... how do I reset the IP Address/DNS for the JSS? I originally setup the JSS to use a DNS Name, but I now need to switch it back to an IP Address for use with netbooting. Thanks, ____________________________ Tatian Greenleaf Associate Director of Technology Saint Mark's School (415) 472-8000 x1014 _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080811/6c5ad051/attachment.htm From tlarki at kckps.org Mon Aug 11 13:07:23 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Mon, 11 Aug 2008 15:07:23 -0500 Subject: [Casper] enable root account via casper policy? Message-ID: <48A05528020000390000122B@gwoes4.kckps.org> So, Well I thought it would be a good idea to not enable the root account since there was no practical or real use for it. Now, there is a practical use for it, mainly with students (since I am in edu) and AUP violations. Is there a way to enable it remotely, say through a casper policy? It looks as if I use the dscl command and put a password on the root account it will enable it next reboot? Has anyone tried this? If I do a dscl . list /Users it will list that the root account is there but it is not enabled in my main image. I think if I put a password on the account it would be accessible. Has anyone done anything like this before? Thanks, Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 From tlarki at kckps.org Mon Aug 11 13:37:56 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Mon, 11 Aug 2008 15:37:56 -0500 Subject: [Casper] enable root account via casper policy? Message-ID: <48A05BC70200003900001239@gwoes4.kckps.org> Well my Google-Fu sucks, because I didn't come up with the answer, but Cam emailed me the proper command and it works /usr/sbin/dsenableroot -u local_admin -p local_admin_pw -r root_password Of course fill in the blanks and that is how you enable the root account. just FYI for anyone who was curious. Thx Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 >>> "Thomas Larkin" 08/11/08 3:06 PM >>> So, Well I thought it would be a good idea to not enable the root account since there was no practical or real use for it. Now, there is a practical use for it, mainly with students (since I am in edu) and AUP violations. Is there a way to enable it remotely, say through a casper policy? It looks as if I use the dscl command and put a password on the root account it will enable it next reboot? Has anyone tried this? If I do a dscl . list /Users it will list that the root account is there but it is not enabled in my main image. I think if I put a password on the account it would be accessible. Has anyone done anything like this before? Thanks, Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper From cpb10 at cam.ac.uk Tue Aug 12 08:30:35 2008 From: cpb10 at cam.ac.uk (Clare Bartlet) Date: Tue, 12 Aug 2008 16:30:35 +0100 Subject: [Casper] Store on JSS setting won't stick Message-ID: For some reason the setting 'Store on JSS' isn't sticking I have been going to Inventory, search for computers and then individually edit their autorun data. Other settings in here such as 'Run Automatically' are being saving but if I tick Store on JSS and then the Save Autorun Data when I come back to look again it hasn't been saved. Any idea what is going on here? it's very frustrating..... Clare -------------------------------------------- Clare Bartlet mailto:cpb10 at cam.ac.uk Macintosh Support phone: +44 1223 334723 University of Cambridge Computing Service New Museums Site, Pembroke Street, Cambridge CB2 3QH -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080812/2869d823/attachment.html From nicometo.tim at mayo.edu Tue Aug 12 08:36:56 2008 From: nicometo.tim at mayo.edu (Tim Nicometo) Date: Tue, 12 Aug 2008 10:36:56 -0500 Subject: [Casper] Casper Admin 6 Speed Message-ID: We recently upgraded to Casper version 6, and I have noticed that copy files to Casper Admin as well as saving appears to take about 3-4 times as long as it used to. Has anyone else noticed this, or is it just me? Thanks... Tim -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080812/81c0fb6c/attachment.html From eyoung at thayer.org Tue Aug 12 09:33:22 2008 From: eyoung at thayer.org (Eric Young) Date: Tue, 12 Aug 2008 12:33:22 -0400 Subject: [Casper] Casper Admin 6 Speed In-Reply-To: References: Message-ID: <8119D559-32F5-44E9-888F-4143EBCC521C@thayer.org> nice and responsive here. I would even say that 6 feels a bit faster than 5 for copies and the like. On Aug 12, 2008, at 11:36 AM, Tim Nicometo wrote: > We recently upgraded to Casper version 6, and I have noticed that > copy files to Casper Admin as well as saving appears to take about > 3-4 times as long as it used to. Has anyone else noticed this, or > is it just me? Thanks... > > Tim > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080812/51e131a5/attachment.htm From ERNSTCS at uwec.edu Tue Aug 12 10:46:32 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Tue, 12 Aug 2008 12:46:32 -0500 Subject: [Casper] Casper Admin 6 Speed In-Reply-To: <8119D559-32F5-44E9-888F-4143EBCC521C@thayer.org> Message-ID: I'd have to agree with Eric, that I think things have been faster. Craig On 8/12/08 11:33 AM, "Eric Young" wrote: nice and responsive here. I would even say that 6 feels a bit faster than 5 for copies and the like. On Aug 12, 2008, at 11:36 AM, Tim Nicometo wrote: We recently upgraded to Casper version 6, and I have noticed that copy files to Casper Admin as well as saving appears to take about 3-4 times as long as it used to. Has anyone else noticed this, or is it just me? Thanks... Tim _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080812/95fc9d09/attachment.html From jeremymatthews at mac.com Tue Aug 12 10:54:17 2008 From: jeremymatthews at mac.com (Jeremy Matthews) Date: Tue, 12 Aug 2008 13:54:17 -0400 Subject: [Casper] Casper Admin 6 Speed In-Reply-To: References: Message-ID: <58E68A00-5B9B-400A-89F3-D2AA3BF53BFB@mac.com> I would say Casper 6 has been about the same for us as 5 - except when we use additional distribution points it seems to take longer, even though that is a separate syncing function. Thanks, j On Aug 12, 2008, at 1:46 PM, casper-request at list.jamfsoftware.com wrote: > We recently upgraded to Casper version 6, and I have noticed that > copy files > to Casper Admin as well as saving appears to take about 3-4 times as > long as > it used to. Has anyone else noticed this, or is it just me? > Thanks... From Chris.Lang at vu.edu.au Tue Aug 12 17:22:04 2008 From: Chris.Lang at vu.edu.au (Chris Lang) Date: Wed, 13 Aug 2008 10:22:04 +1000 Subject: [Casper] Self Service Policy Descriptions Message-ID: Hi All, Just a quick question, I am trying to add a lengthy description to a software deploy that I am making available via self service. The description is just plain text but I need carriage returns and line wraps in it to make it readable however when I check the self service app the line breaks have been stripped out and the text is just wrapped. Is there a way to customize the way that the description is displayed via HTML tags or another method? Regards, Chris Chris Lang Support Services Advisor Client Services Information Technology Services Phone: +61 3 9919 2735 Fax: +61 3 9919 2785 Mobile: +61 411 259 496 Email: Chris.Lang at vu.edu.au -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080813/8a65d0c6/attachment.htm From joelande at hibbing.k12.mn.us Tue Aug 12 18:45:30 2008 From: joelande at hibbing.k12.mn.us (Joel R. Anderson) Date: Tue, 12 Aug 2008 20:45:30 -0500 Subject: [Casper] Self Service Policy Descriptions In-Reply-To: References: Message-ID: Chris Lang on August 12, 2008 at 7:22 PM -0500 wrote: >Is there a way to customize the way that the description is displayed via >HTML tags or another method? If it is HTML, did you try the
tag? ''''''' ^-O-O-^ +----oOO----(_)--------------+ | Joel Anderson | | Director of Technology | | Hibbing Public Schools | | www.hibbing.k12.mn.us | +----------------------oOO---+ |__|__| || || ooO Ooo -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080812/7b276bdc/attachment.html From tlarki at kckps.org Wed Aug 13 13:29:16 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Wed, 13 Aug 2008 15:29:16 -0500 Subject: [Casper] migrating JSS to new server Message-ID: <48A2FDCC02000039000013E0@gwoes4.kckps.org> So, I got my new servers in and want to migrate my JSS to my new awesome intel xeon xserve. I am exporting the MySQL database now. When I set up the JSS at home for when I want to take my work home I just installed JSS with the setup utility and then imported my exported database and it seemed to pick everything up. Any tips or caveats or anything else I should know in doing this? I will be upgrading to version 6 as well, so I can just import my version 5.13 into 6 with out any issues? I was beta testing 6 at home and it worked for me at home, but this is a live environment so I would like any feed back anyone can give me. Thanks tom From Halvorson.Jason at mayo.edu Wed Aug 13 13:52:43 2008 From: Halvorson.Jason at mayo.edu (Jason Halvorson) Date: Wed, 13 Aug 2008 15:52:43 -0500 Subject: [Casper] migrating JSS to new server - tip In-Reply-To: <48A2FDCC02000039000013E0@gwoes4.kckps.org> Message-ID: Just double check that your distribution point is created and permissioned correctly after the move, especially if your JSS is also a distribution share. I recently moved from a G5 Desktop to a Intel Xserve. The process went so smoothly that I felt I had to check all the pieces (Casper Remote, Casper Admin, JSS) over three times. Jason > From: Thomas Larkin > Date: Wed, 13 Aug 2008 15:29:16 -0500 > To: > Subject: [Casper] migrating JSS to new server > > So, I got my new servers in and want to migrate my JSS to my new awesome intel > xeon xserve. I am exporting the MySQL database now. > > When I set up the JSS at home for when I want to take my work home I just > installed JSS with the setup utility and then imported my exported database > and it seemed to pick everything up. > > Any tips or caveats or anything else I should know in doing this? I will be > upgrading to version 6 as well, so I can just import my version 5.13 into 6 > with out any issues? > > I was beta testing 6 at home and it worked for me at home, but this is a live > environment so I would like any feed back anyone can give me. > > Thanks > > tom > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper From HPOSTMAN at capousd.org Wed Aug 13 14:35:28 2008 From: HPOSTMAN at capousd.org (Postman, Hillary) Date: Wed, 13 Aug 2008 14:35:28 -0700 Subject: [Casper] migrating JSS to new server In-Reply-To: <48A2FDCC02000039000013E0@gwoes4.kckps.org> References: <48A2FDCC02000039000013E0@gwoes4.kckps.org> Message-ID: <91068919656B4F49948AE1E05E77FFAD06633AE0@DIST-WIN-MAIL-8.cusdnet.org> If you are migrating you also have to remove the top two keys from the config file on the server, (System/Library/LaunchDaemons/com.jamfsoftware.tomcat.plist) I did call in to get this help because we couldn't start the Tomcat portion of the server without doing this. Apparently the fix is coming but you will have to manually do this. My instructions aren't quite together enough to send so I recommend putting in a call to tech support. Hillary Hillary Postman Technology Support Specialist III Capistrano Unified School District 33122 Valle Road San Juan Capistrano, CA 92675 (949) 234-5530/FAX: (949) 487-5431 -----Original Message----- From: casper-bounces at list.jamfsoftware.com [mailto:casper-bounces at list.jamfsoftware.com] On Behalf Of Thomas Larkin Sent: Wednesday, August 13, 2008 1:29 PM To: casper at list.jamfsoftware.com Subject: [Casper] migrating JSS to new server So, I got my new servers in and want to migrate my JSS to my new awesome intel xeon xserve. I am exporting the MySQL database now. When I set up the JSS at home for when I want to take my work home I just installed JSS with the setup utility and then imported my exported database and it seemed to pick everything up. Any tips or caveats or anything else I should know in doing this? I will be upgrading to version 6 as well, so I can just import my version 5.13 into 6 with out any issues? I was beta testing 6 at home and it worked for me at home, but this is a live environment so I would like any feed back anyone can give me. Thanks tom _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper From Chris.Lang at vu.edu.au Wed Aug 13 15:18:07 2008 From: Chris.Lang at vu.edu.au (Chris Lang) Date: Thu, 14 Aug 2008 08:18:07 +1000 Subject: [Casper] Packaging Cisco VPN issues Message-ID: Hi, Sorry about the last post for some reason sent from one of the other accounts I have running. I have packaged Cisco VPN using composer and uploaded the package to the JSS. When I deploy via either HTTP or AFP it downloads or mounts the package but doesn?t copy any of the content? Has anyone experienced this with this app or other packages. I am using Casper 6 and other composer packages I have created all work fine. Regards, Chris Chris Lang Support Services Advisor Client Services Information Technology Services Phone: +61 3 9919 2735 Fax: +61 3 9919 2785 Mobile: +61 411 259 496 Email: Chris.Lang at vu.edu.au -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080814/b60a5599/attachment.html From TLARKI at kckps.org Thu Aug 14 07:02:35 2008 From: TLARKI at kckps.org (Thomas Larkin) Date: Thu, 14 Aug 2008 09:02:35 -0500 Subject: [Casper] migrating JSS to new server In-Reply-To: <48A3F4AB020000390000141B@gwoes4.kckps.org> References: <48A3F4AB0200003900001418@gwoes4.kckps.org> <48A3F4AB020000390000141B@gwoes4.kckps.org> Message-ID: <48A3F4AB020000390000141B@gwoes4.kckps.org> Got it done last night all is well but I forgot to transfer some packages. Which is actually ok because I had some bad habits which were fixed at the cca training back in june. It was easy and straight forward. I just upgraded the old one to 6 the created a full back up. Set up new server with afp and raid then installed the jss and restored the back up and voila all done. A very painless procedure. -----Original Message----- From: "Postman, Hillary" To: casper at list.jamfsoftware.com BCC: Thomas Larkin Creation Date: 8/13 4:35 pm Subject: Re: [Casper] migrating JSS to new server If you are migrating you also have to remove the top two keys from the config file on the server, (System/Library/LaunchDaemons/com.jamfsoftware.tomcat.plist) I did call in to get this help because we couldn't start the Tomcat portion of the server without doing this. Apparently the fix is coming but you will have to manually do this. My instructions aren't quite together enough to send so I recommend putting in a call to tech support. Hillary Hillary Postman Technology Support Specialist III Capistrano Unified School District 33122 Valle Road San Juan Capistrano, CA 92675 (949) 234-5530/FAX: (949) 487-5431 -----Original Message----- From: casper-bounces at list.jamfsoftware.com [mailto:casper-bounces at list.jamfsoftware.com] On Behalf Of Thomas Larkin Sent: Wednesday, August 13, 2008 1:29 PM To: casper at list.jamfsoftware.com Subject: [Casper] migrating JSS to new server So, I got my new servers in and want to migrate my JSS to my new awesome intel xeon xserve. I am exporting the MySQL database now. When I set up the JSS at home for when I want to take my work home I just installed JSS with the setup utility and then imported my exported database and it seemed to pick everything up. Any tips or caveats or anything else I should know in doing this? I will be upgrading to version 6 as well, so I can just import my version 5.13 into 6 with out any issues? I was beta testing 6 at home and it worked for me at home, but this is a live environment so I would like any feed back anyone can give me. Thanks tom _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper From ERNSTCS at uwec.edu Thu Aug 14 07:04:58 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Thu, 14 Aug 2008 09:04:58 -0500 Subject: [Casper] migrating JSS to new server In-Reply-To: <48A3F4AB020000390000141B@gwoes4.kckps.org> Message-ID: Yes...yes it is... Don't you wish everything was that easy? On 8/14/08 9:02 AM, "Thomas Larkin" wrote: voila all done. A very painless procedure. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080814/e29cc0a5/attachment.html From rcorbin at mac.com Thu Aug 14 09:45:32 2008 From: rcorbin at mac.com (Roger Corbin) Date: Thu, 14 Aug 2008 09:45:32 -0700 Subject: [Casper] Permissions On Casper share point In-Reply-To: References: Message-ID: I've read (and heard) in the past that the permissions on the Casper package share points need to be set with "Others" having read only permissions. This appears to be needed in our case as the Casper share points are on the same server that is running the Netboot service. I just wanted to confirm this is the case and see what others might be doing in this regard. Right now we use the Admin account as the Read/Write account to the share point. We have another imaging account as the read only account. That imaging account is part of a group called imaging. We have given the imaging group read only access to that share point. So the permissions for the casper share point is set to Owner : admin read and write Group : imaging read only Everyone : read only This is all working fine right now, but the fact that users could possibly get access to packages or scripts does bother me a bit, so I just thought I see what others might be doing in this regard. Roger Corbin Richmond School District #38 -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080814/04e0827e/attachment.html From jeremymatthews at mac.com Thu Aug 14 10:09:42 2008 From: jeremymatthews at mac.com (Jeremy Matthews) Date: Thu, 14 Aug 2008 13:09:42 -0400 Subject: [Casper] User-based shell scripts after self-service installation Message-ID: <544AAC52-1E1B-4A07-A8AC-169C9AC2CE20@mac.com> Lets say you have a self-service item, iWork for example. After iWork is installed by the user, you want to serialize iWork by way of either: 1) writing user defaults to that users' preference file (assume you would choose to add a script in casper and run after the package is installed) 2) Deposit a file into the users' /Library/Preferences/ directory I can't attempt yet (our Casper is offline) - but need to continue working to deploy these once it is online. Does either method work? They sure don't work in packagemaker as postinstall scripts....since installer runs as root it can't understand the concept of "~" outside of the root user itself. Thanks, jeremy From ERNSTCS at uwec.edu Thu Aug 14 10:20:44 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Thu, 14 Aug 2008 12:20:44 -0500 Subject: [Casper] User-based shell scripts after self-service installation In-Reply-To: <544AAC52-1E1B-4A07-A8AC-169C9AC2CE20@mac.com> Message-ID: The problem you might run into here is that the serialization that's created on one machine won't work on a another as it is bound to the hardware it was originally installed on. This is the case with many Apple software products. To get around this you typically need to purchase Volume licensing, which is 5 or more. And realisitically we do that to get the media that allows for a non-hardware bound install that can be packaged and deployed to multiple machines. I know that this is what we do for Final Cut Studio as well as Final Cut Express. I imagine that iWork is the same. Perhaps this will answer your question. Craig E On 8/14/08 12:09 PM, "Jeremy Matthews" wrote: Lets say you have a self-service item, iWork for example. After iWork is installed by the user, you want to serialize iWork by way of either: 1) writing user defaults to that users' preference file (assume you would choose to add a script in casper and run after the package is installed) 2) Deposit a file into the users' /Library/Preferences/ directory I can't attempt yet (our Casper is offline) - but need to continue working to deploy these once it is online. Does either method work? They sure don't work in packagemaker as postinstall scripts....since installer runs as root it can't understand the concept of "~" outside of the root user itself. Thanks, jeremy _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080814/04793874/attachment.html From RIVERAR at email.chop.edu Thu Aug 14 10:21:43 2008 From: RIVERAR at email.chop.edu (Raymond Rivera) Date: Thu, 14 Aug 2008 13:21:43 -0400 Subject: [Casper] Casper Digest, Vol 20, Issue 11 Message-ID: I will be back in the office on Tuesday, August 19, 2008. From jeremymatthews at mac.com Thu Aug 14 10:26:29 2008 From: jeremymatthews at mac.com (Jeremy Matthews) Date: Thu, 14 Aug 2008 13:26:29 -0400 Subject: [Casper] User-based shell scripts after self-service installation In-Reply-To: References: Message-ID: <04DF018D-750F-44EC-A474-1E75AF9D4A43@mac.com> Actually, we have volume licensing on everything possible - even when there are only a few licenses....except Final Cut Pro. All the consumer stuff doesn't seem to be bound by hardware...so far. So, is it doable using either of those methods for the non-hardware- bound apps? -j On Aug 14, 2008, at 1:20 PM, Ernst, Craig S. wrote: > The problem you might run into here is that the serialization that?s > created on one machine won?t work on a another as it is bound to the > hardware it was originally installed on. This is the case with many > Apple software products. To get around this you typically need to > purchase Volume licensing, which is 5 or more. And realisitically we > do that to get the media that allows for a non-hardware bound > install that can be packaged and deployed to multiple machines. I > know that this is what we do for Final Cut Studio as well as Final > Cut Express. I imagine that iWork is the same. > > Perhaps this will answer your question. > > Craig E > > > On 8/14/08 12:09 PM, "Jeremy Matthews" wrote: > > Lets say you have a self-service item, iWork for example. > After iWork is installed by the user, you want to serialize iWork by > way of either: > > 1) writing user defaults to that users' preference file (assume you > would choose to add a script in casper and run after the package is > installed) > 2) Deposit a file into the users' /Library/Preferences/ directory > > I can't attempt yet (our Casper is offline) - but need to continue > working to deploy these once it is online. Does either method work? > They sure don't work in packagemaker as postinstall scripts....since > installer runs as root it can't understand the concept of "~" outside > of the root user itself. > > Thanks, > jeremy > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080814/9d413242/attachment.htm From ERNSTCS at uwec.edu Thu Aug 14 10:40:11 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Thu, 14 Aug 2008 12:40:11 -0500 Subject: [Casper] User-based shell scripts after self-service installation In-Reply-To: <04DF018D-750F-44EC-A474-1E75AF9D4A43@mac.com> Message-ID: If you use Composer why wouldn't it just be part of the package, why does it need to be a separate file? Is this more for the security/licensing aspect so you don't go over your licenses by everyone just installing it since they see it? To answer your question, as long as it's just a file you want to modify with defaults or copy down it should work. Right now there would be no trigger to make that second portion happen. You would have to initiate that unless you do more scripting. =) Craig On 8/14/08 12:26 PM, "Jeremy Matthews" wrote: Actually, we have volume licensing on everything possible - even when there are only a few licenses....except Final Cut Pro. All the consumer stuff doesn't seem to be bound by hardware...so far. So, is it doable using either of those methods for the non-hardware-bound apps? -j On Aug 14, 2008, at 1:20 PM, Ernst, Craig S. wrote: The problem you might run into here is that the serialization that's created on one machine won't work on a another as it is bound to the hardware it was originally installed on. This is the case with many Apple software products. To get around this you typically need to purchase Volume licensing, which is 5 or more. And realisitically we do that to get the media that allows for a non-hardware bound install that can be packaged and deployed to multiple machines. I know that this is what we do for Final Cut Studio as well as Final Cut Express. I imagine that iWork is the same. Perhaps this will answer your question. Craig E On 8/14/08 12:09 PM, "Jeremy Matthews" wrote: Lets say you have a self-service item, iWork for example. After iWork is installed by the user, you want to serialize iWork by way of either: 1) writing user defaults to that users' preference file (assume you would choose to add a script in casper and run after the package is installed) 2) Deposit a file into the users' /Library/Preferences/ directory I can't attempt yet (our Casper is offline) - but need to continue working to deploy these once it is online. Does either method work? They sure don't work in packagemaker as postinstall scripts....since installer runs as root it can't understand the concept of "~" outside of the root user itself. Thanks, jeremy _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080814/e870222f/attachment.htm From jeremymatthews at mac.com Thu Aug 14 10:45:24 2008 From: jeremymatthews at mac.com (Jeremy Matthews) Date: Thu, 14 Aug 2008 13:45:24 -0400 Subject: [Casper] User-based shell scripts after self-service installation In-Reply-To: References: Message-ID: <46A12439-F8BF-4D1D-9E4B-81392CDF4D2E@mac.com> Many of those apps write licenses out to the users' defaults - not global defaults or the system - unfortunately. We're limiting those who can see what apps by computer groups. I suppose my question that, when a policy is executed by Casper, and it includes a script to modify user defaults, does it modify the user defaults for the person installing it, or root (which is how packagemaker works). Same goes for pushing a defaults file after an installation via self-service - will it install in that users' home directory (say it installs to ~/Library/Preferences) or instead, the root user (as in packagemaker). Thanks, j On Aug 14, 2008, at 1:40 PM, Ernst, Craig S. wrote: > If you use Composer why wouldn?t it just be part of the package, why > does it need to be a separate file? Is this more for the security/ > licensing aspect so you don?t go over your licenses by everyone just > installing it since they see it? > > To answer your question, as long as it?s just a file you want to > modify with defaults or copy down it should work. Right now there > would be no trigger to make that second portion happen. You would > have to initiate that unless you do more scripting. =) > > Craig > > > On 8/14/08 12:26 PM, "Jeremy Matthews" wrote: > > Actually, we have volume licensing on everything possible - even > when there are only a few licenses....except Final Cut Pro. > All the consumer stuff doesn't seem to be bound by hardware...so far. > > So, is it doable using either of those methods for the non-hardware- > bound apps? > > -j > > On Aug 14, 2008, at 1:20 PM, Ernst, Craig S. wrote: > > The problem you might run into here is that the serialization that?s > created on one machine won?t work on a another as it is bound to the > hardware it was originally installed on. This is the case with many > Apple software products. To get around this you typically need to > purchase Volume licensing, which is 5 or more. And realisitically we > do that to get the media that allows for a non-hardware bound > install that can be packaged and deployed to multiple machines. I > know that this is what we do for Final Cut Studio as well as Final > Cut Express. I imagine that iWork is the same. > > Perhaps this will answer your question. > > Craig E > > > On 8/14/08 12:09 PM, "Jeremy Matthews" > wrote: > > > Lets say you have a self-service item, iWork for example. > After iWork is installed by the user, you want to serialize iWork by > way of either: > > 1) writing user defaults to that users' preference file (assume you > would choose to add a script in casper and run after the package is > installed) > 2) Deposit a file into the users' /Library/Preferences/ directory > > I can't attempt yet (our Casper is offline) - but need to continue > working to deploy these once it is online. Does either method work? > They sure don't work in packagemaker as postinstall scripts....since > installer runs as root it can't understand the concept of "~" outside > of the root user itself. > > Thanks, > jeremy > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper > > > > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080814/a41a0ab0/attachment.html From miles.leacy at themacadmin.com Thu Aug 14 11:02:06 2008 From: miles.leacy at themacadmin.com (Miles Leacy) Date: Thu, 14 Aug 2008 14:02:06 -0400 Subject: [Casper] User-based shell scripts after self-service installation In-Reply-To: References: <46A12439-F8BF-4D1D-9E4B-81392CDF4D2E@mac.com> Message-ID: The script will do what you tell it to. If you tell it to operate in user space, it will. I typically use a "for" command when I need to apply the same command to every item in a particular directory, such as /Users. For example: for i in $( ls /Users ) ; do defaults write /Users/$i/Library/Preferences/com.manufacturer.product key type value ; done Pardon me if my syntax isn't perfect, I don't have my script library or a Mac OS X box at hand at the moment, but this is the general idea. You can grep out stuff you don't want, or use if then else statements to avoid putting your files in places such as /Users/Shared. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080814/f8bdcaf7/attachment.html From jeremymatthews at mac.com Thu Aug 14 11:02:38 2008 From: jeremymatthews at mac.com (Jeremy Matthews) Date: Thu, 14 Aug 2008 14:02:38 -0400 Subject: [Casper] User-based shell scripts after self-service installation In-Reply-To: References: <46A12439-F8BF-4D1D-9E4B-81392CDF4D2E@mac.com> Message-ID: Ah - you know what, I was focusing on using the tilde too much. It makes total sense just to grep around or whoami and then execute based on that. Thanks, j On Aug 14, 2008, at 1:57 PM, Miles Leacy IV wrote: > The script will do what you tell it to. If you tell it to operate > in user space, it will. > > I typically use a "for" command when I need to apply the same > command to every item in a particular directory, such as /Users. > For example: > > for i in $( ls /Users ) ; do defaults write /Users/$i/Library/ > Preferences/com.manufacturer.product key type value ; done > > Pardon me if my syntax isn't perfect, I don't have my script library > or a Mac OS X box at hand at the moment, but this is the general > idea. You can grep out stuff you don't want, or use if then else > statements to avoid putting your files in places such as /Users/ > Shared. > From NATHANIEL.LINDLEY at spps.org Thu Aug 14 14:23:52 2008 From: NATHANIEL.LINDLEY at spps.org (NATHANIEL.LINDLEY at spps.org) Date: Thu, 14 Aug 2008 16:23:52 -0500 Subject: [Casper] Open Directory binding Message-ID: Can someone point me in the right direction for pushing/automating Open Directory binding with Casper Remote or policy? I'm thinking it will be dscl commands on 10.5, but will that work for 10.4? We need to remove current OD bindings from clients and then create a new OD binding on a whole bunch-o-machines. Thanks, -Nathaniel SPPS -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080814/fed33311/attachment.htm From chad.brewer at bend.k12.or.us Thu Aug 14 14:32:42 2008 From: chad.brewer at bend.k12.or.us (Chad Brewer) Date: Thu, 14 Aug 2008 14:32:42 -0700 Subject: [Casper] Open Directory binding In-Reply-To: References: Message-ID: Here's my script. We also bind to AD so I have it adding AD to the search policy ahead of LDAP. defaults write /Library/Preferences/DirectoryService/DirectoryService "LDAPv3" "Active" dsconfigldap -v -a od.server.com -n od.server.com -u username -p password sleep 10 dscl /Search -create / SearchPolicy CSPSearchPath killall DirectoryService sleep 5 dscl /Search -create / SearchPolicy CSPSearchPath dscl /Search -append / CSPSearchPath "/Active Directory/All Domains" dscl /Search -append / CSPSearchPath /LDAPv3/od.server.com NATHANIEL.LINDLEY at spps.org on August 14, 2008 at 2:23 PM -0700 wrote: > >Can someone point me in the right direction for pushing/automating Open >Directory binding with Casper Remote or policy? I'm thinking it will be >dscl commands on 10.5, but will that work for 10.4? >We need to remove current OD bindings from clients and then create a new >OD binding on a whole bunch-o-machines. > >Thanks, >-Nathaniel > >SPPS_______________________________________________ >Casper mailing list >Casper at list.jamfsoftware.com >http://list.jamfsoftware.com/mailman/listinfo/casper -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080814/f754c7cc/attachment.html From ron.prue at mynoahs.com Thu Aug 14 14:37:15 2008 From: ron.prue at mynoahs.com (Ron Prue) Date: Thu, 14 Aug 2008 15:37:15 -0600 Subject: [Casper] Upgrade to 6.0 now tomcat will not start Message-ID: Hi all, We have just upgraded to version 6.0 and now we cannot get Tomcat started. In the JSS setup utility it says that my Database Schema is 6.0, my SQL version is 5.0.45, and that my Tomcat version is unavailable . All other services are running fine and I have tried reinstalling JSS on the server to no avail. Any ideas? Ron Prue 1441 West Ute. Blvd Suite 100 Park City, UT 84098 435.214.2927 ron.prue at mynoahs.com From tlarki at kckps.org Thu Aug 14 15:13:30 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Thu, 14 Aug 2008 17:13:30 -0500 Subject: [Casper] Upgrade to 6.0 now tomcat will not start Message-ID: <48A467BA02000039000014A5@gwoes4.kckps.org> what version of OS X and what type of install? Tomcat works great on my new JSS installed it last night and migrated to 6.0 no issues here. I did a clean load of 10.5 server and set it up as a stand alone advanced server. Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 >>> Ron Prue 08/14/08 4:38 PM >>> Hi all, We have just upgraded to version 6.0 and now we cannot get Tomcat started. In the JSS setup utility it says that my Database Schema is 6.0, my SQL version is 5.0.45, and that my Tomcat version is unavailable . All other services are running fine and I have tried reinstalling JSS on the server to no avail. Any ideas? Ron Prue 1441 West Ute. Blvd Suite 100 Park City, UT 84098 435.214.2927 ron.prue at mynoahs.com _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper From ron.prue at mynoahs.com Thu Aug 14 15:16:29 2008 From: ron.prue at mynoahs.com (Ron Prue) Date: Thu, 14 Aug 2008 16:16:29 -0600 Subject: [Casper] Upgrade to 6.0 now tomcat will not start In-Reply-To: <48A467BA02000039000014A5@gwoes4.kckps.org> References: <48A467BA02000039000014A5@gwoes4.kckps.org> Message-ID: <472BBA6F-661A-4EF9-9550-49728CF9A518@mynoahs.com> We are on Leopard 10.5.4 using it as an Open Directory Master. Ron Prue 1441 West Ute. Blvd Suite 100 Park City, UT 84098 435.214.2927 ron.prue at mynoahs.com On Aug 14, 2008, at 4:13 PM, Thomas Larkin wrote: > what version of OS X and what type of install? Tomcat works great > on my new JSS installed it last night and migrated to 6.0 no issues > here. I did a clean load of 10.5 server and set it up as a stand > alone advanced server. > > Thomas Larkin > TIS Department > KCKPS USD500 > tlarki at kckps.org > cell: 913-449-7589 > office: 913-627-0351 >>>> Ron Prue 08/14/08 4:38 PM >>> > Hi all, > > We have just upgraded to version 6.0 and now we cannot get Tomcat > started. In the JSS setup utility it says that my Database Schema is > 6.0, my SQL version is 5.0.45, and that my Tomcat version is > unavailable . All other services are running fine and I have tried > reinstalling JSS on the server to no avail. > > Any ideas? > > > Ron Prue > 1441 West Ute. Blvd Suite 100 > Park City, UT 84098 > 435.214.2927 > ron.prue at mynoahs.com > > > > > > > > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper > From HPOSTMAN at capousd.org Thu Aug 14 15:17:05 2008 From: HPOSTMAN at capousd.org (Postman, Hillary) Date: Thu, 14 Aug 2008 15:17:05 -0700 Subject: [Casper] Upgrade to 6.0 now tomcat will not start In-Reply-To: Message-ID: We had that same problem, call their support & they will walk you though manually starting and also editing the config file. It's a very quick fix and I'm sorry I can remember the exact thing I did or I'd share it here. Hillary Hillary Postman Technology Support Specialist III Capistrano Unified School District 33122 Valle Rd. San Juan Capistrano, CA (949) 234-5530 On 8/14/08 2:37 PM, "Ron Prue" wrote: > Hi all, > > We have just upgraded to version 6.0 and now we cannot get Tomcat > started. In the JSS setup utility it says that my Database Schema is > 6.0, my SQL version is 5.0.45, and that my Tomcat version is > unavailable . All other services are running fine and I have tried > reinstalling JSS on the server to no avail. > > Any ideas? > > > Ron Prue > 1441 West Ute. Blvd Suite 100 > Park City, UT 84098 > 435.214.2927 > ron.prue at mynoahs.com > > > > > > > > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper From tlarki at kckps.org Thu Aug 14 15:16:58 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Thu, 14 Aug 2008 17:16:58 -0500 Subject: [Casper] Open Directory binding Message-ID: <48A4688A02000039000014AF@gwoes4.kckps.org> I bind all clients to the ODM in the image, and then have post imaging and building level subnet policies that will rebind the client to the specific ODR that is in that building. here is my script. #!/bin/sh #This script binds a 10.4.11 or 10.5 client to an LDAP (OD) server. oldserver="odm.domain.com" newserver="odr.domain.com" /usr/sbin/dsconfigldap -r $oldserver /usr/bin/dscl localhost -delete /Search CSPSearchPath /LDAPv3/$oldserver /usr/bin/dscl localhost -delete /Contact CSPSearchPath /LDAPv3/$oldserver sleep 10 /usr/sbin/dsconfigldap -a $newserver /usr/bin/dscl localhost -create /Search SearchPolicy dsAttrTypeStandard:CSPSearchPath /usr/bin/dscl localhost -merge /Search CSPSearchPath /LDAPv3/$newserver /usr/bin/dscl localhost -create /Contact SearchPolicy dsAttrTypeStandard:CSPSearchPath /usr/bin/dscl localhost -merge /Contact CSPSearchPath /LDAPv3/$newserver So, effectively it removes the binding to the ODM, sleeps for 10 seconds for all connections to clear and then rebinds the client to specified ODR at the building the client is in. This helps reduce traffic for authentication over the WAN. I have it as a post image script and a policy that runs once per a computer on smart groups based on VLAN. Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 >>> 08/14/08 4:28 PM >>> Can someone point me in the right direction for pushing/automating Open Directory binding with Casper Remote or policy? I'm thinking it will be dscl commands on 10.5, but will that work for 10.4? We need to remove current OD bindings from clients and then create a new OD binding on a whole bunch-o-machines. Thanks, -Nathaniel SPPS From tlarki at kckps.org Thu Aug 14 15:19:08 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Thu, 14 Aug 2008 17:19:08 -0500 Subject: [Casper] Upgrade to 6.0 now tomcat will not start Message-ID: <48A4690C02000039000014B4@gwoes4.kckps.org> I think when you run it on an ODM it modifies the tomcat launchd plist and you have to go in and modify that file to get it to work. JAMF support should know the answer. Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 >>> Ron Prue 08/14/08 5:17 PM >>> We are on Leopard 10.5.4 using it as an Open Directory Master. Ron Prue 1441 West Ute. Blvd Suite 100 Park City, UT 84098 435.214.2927 ron.prue at mynoahs.com On Aug 14, 2008, at 4:13 PM, Thomas Larkin wrote: > what version of OS X and what type of install? Tomcat works great > on my new JSS installed it last night and migrated to 6.0 no issues > here. I did a clean load of 10.5 server and set it up as a stand > alone advanced server. > > Thomas Larkin > TIS Department > KCKPS USD500 > tlarki at kckps.org > cell: 913-449-7589 > office: 913-627-0351 >>>> Ron Prue 08/14/08 4:38 PM >>> > Hi all, > > We have just upgraded to version 6.0 and now we cannot get Tomcat > started. In the JSS setup utility it says that my Database Schema is > 6.0, my SQL version is 5.0.45, and that my Tomcat version is > unavailable . All other services are running fine and I have tried > reinstalling JSS on the server to no avail. > > Any ideas? > > > Ron Prue > 1441 West Ute. Blvd Suite 100 > Park City, UT 84098 > 435.214.2927 > ron.prue at mynoahs.com > > > > > > > > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper > From ron.prue at mynoahs.com Thu Aug 14 15:20:38 2008 From: ron.prue at mynoahs.com (Ron Prue) Date: Thu, 14 Aug 2008 16:20:38 -0600 Subject: [Casper] Upgrade to 6.0 now tomcat will not start In-Reply-To: References: Message-ID: <704890C6-63B3-46FE-ACFA-C27A41FFFC3F@mynoahs.com> I will contact support as you suggest. Thanks Hillary and Thomas. Ron Prue 1441 West Ute. Blvd Suite 100 Park City, UT 84098 435.214.2927 ron.prue at mynoahs.com On Aug 14, 2008, at 4:17 PM, Postman, Hillary wrote: > We had that same problem, call their support & they will walk you > though > manually starting and also editing the config file. It's a very > quick fix > and I'm sorry I can remember the exact thing I did or I'd share it > here. > > Hillary > > > Hillary Postman > Technology Support Specialist III > Capistrano Unified School District > 33122 Valle Rd. > San Juan Capistrano, CA > (949) 234-5530 > > > > > On 8/14/08 2:37 PM, "Ron Prue" wrote: > >> Hi all, >> >> We have just upgraded to version 6.0 and now we cannot get Tomcat >> started. In the JSS setup utility it says that my Database Schema is >> 6.0, my SQL version is 5.0.45, and that my Tomcat version is >> unavailable . All other services are running fine and I have tried >> reinstalling JSS on the server to no avail. >> >> Any ideas? >> >> >> Ron Prue >> 1441 West Ute. Blvd Suite 100 >> Park City, UT 84098 >> 435.214.2927 >> ron.prue at mynoahs.com >> >> >> >> >> >> >> >> _______________________________________________ >> Casper mailing list >> Casper at list.jamfsoftware.com >> http://list.jamfsoftware.com/mailman/listinfo/casper > > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper From tlarki at kckps.org Fri Aug 15 16:17:03 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Fri, 15 Aug 2008 18:17:03 -0500 Subject: [Casper] FYI: self service command to reboot into boot camp Message-ID: <48A5C58B0200003900001562@gwoes4.kckps.org> So, after almost pulling my hair out trying to make a self service policy that will force a reboot into windows, I finally found the answer. At first I tried just having Casper set the boot volume to the boot camp partition, that did not work. JAMF support had me try the bless command, and that did not work either. The bless manual page is very lacking. It is actually quite simple, and I thought i would post this on the Casper list for anyone who deploys dual booting Macs with OS X/Windows and still wants to lock down firmware and manage the clients. so here are the very basic steps 1) Create new policy in JSS 2) Make it sure it is self service, add comments and custom logo if you want. I used the Windows XP logo for the policy. 3) On the reboot tab, force a reboot with your desired options. I force a reboot instantly, as I don't want my users interrupting it. 4) On the advanced tab, on the bottom there is a run unix command box, in there put this simple command /usr/sbin/bless --device /dev/ --setBoot --legacy --nextonly If you don't know the node your windows partition is on, simply in terminal do a diskutil list and it will list all of your partitions and the node they are on. For example, my windows partition is on /dev/disk0s3, so I would use that after the device flag. You have to have the --legacy option. This is because Macs don't use BIOS and need to be set for legacy support and was the missing factor in my debacle earlier. Now on the Windows side forcing the user back into OS X is a bit tricky, but I have a Novell object policy that runs a script for an application called autoIT, that forces the user back into OS X upon exiting a certain application. It works for me when manually invoked, but I have yet to toss it on my JSS. I have full confidence it will most likely work as advertised though. Just remember to test it before you put it in the live environment. Later, Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 From tlarki at kckps.org Mon Aug 18 07:39:30 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Mon, 18 Aug 2008 09:39:30 -0500 Subject: [Casper] wierd JSS error Message-ID: <48A9430302000039000015FA@gwoes4.kckps.org> anyone seen this before? Sending Wake On LAN command... Opening SSH Connection to 10.160.75.15... Authenticating... Successfully authenticated. Verifying Computer's Identity... The MAC Address has been verified. Checking Operating System Version... Running Mac OS X 10.5.3 (9D34) Verifying /usr/sbin/jamf... /usr/sbin/jamf is current (6.0) Verifying /usr/sbin/jamfvnc... /usr/sbin/jamfvnc is current (4.00) Verifying /private/etc/jamf.conf... The jamf.conf file was recreated. Preparing Management... Error Returned from JSS: Looking up user: java.sql.SQLException: Value '0000-00-00' can not be represented as java.sql.Timestamp Executing Policy 2008-08-18 at 9:35 AM | tlarkin | 1 Computer... Mounting afp://xs106-casper.kckps.org/CasperShare to /Volumes/CasperShare... Mounting afp://casper106.kckps.org/CasperShare to /Volumes/CasperShare... Installing self_serve.dmg... Filling User Home Directories from ... Installing self_serve.dmg... Closing package... Unmounting file server... Enforcing Management Framework... The Management Framework will be enforced as soon as all Policies are done executing. Submitting log to https://xs001-casper.kckps.org:8443/... Finished. From tlarki at kckps.org Mon Aug 18 08:02:05 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Mon, 18 Aug 2008 10:02:05 -0500 Subject: [Casper] CS3 upgrades Message-ID: <48A947F0020000390000161B@gwoes4.kckps.org> I have an upgrade disk of CS 3. It has an application DVD and an upgrade DVD. How would I go about creating a new up to date CS 3 deployable image? I have users pestering me for it already I found this on the old youtube http://www.youtube.com/watch?v=uI6aHpWPr6E However, it doesn't cover the Update disks. Thanks in advance for any insights. Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 From mcorippo at lblp.com Mon Aug 18 10:47:03 2008 From: mcorippo at lblp.com (mcorippo) Date: Mon, 18 Aug 2008 10:47:03 -0700 Subject: [Casper] fixDocks does not fix? Message-ID: Hi all, Just tried to use the jamf binary "fixDocks" verb to remove question marks for apps that don't exist in a particular set of machines. It doesn't appear to work. Anybody using this with success? Is there a trick to it? http://jamfsoftware.com/kb/article.php?id=021 In testing it does fix part of the Dock the dock removing questions marks for missing files and folders, but does not appear to do anything to remove broken links to nonexistent apps. Are we just missing something? TIA, Matt Corippo Lindamood-Bell Learning Processes I.T. Dept. - From john.brenner at merrillcorp.com Mon Aug 18 11:15:27 2008 From: john.brenner at merrillcorp.com (Brenner, John) Date: Mon, 18 Aug 2008 13:15:27 -0500 Subject: [Casper] fixDocks does not fix? In-Reply-To: Message-ID: My understanding is this only repairs, but does not remove broken links. On 8/18/08 12:47 PM, "mcorippo" wrote: > Hi all, > > Just tried to use the jamf binary "fixDocks" verb to remove question marks for > apps that don't exist in a particular set of machines. It doesn't appear to > work. > > Anybody using this with success? Is there a trick to it? > > http://jamfsoftware.com/kb/article.php?id=021 > > In testing it does fix part of the Dock the dock removing questions marks for > missing files and folders, but does not appear to do anything to remove broken > links to nonexistent apps. Are we just missing > something? > > > TIA, > Matt Corippo > Lindamood-Bell Learning Processes > I.T. Dept. > - > > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper John Brenner | Merrill Corporation | IOG IT | 651-632-4072 From tlarki at kckps.org Mon Aug 18 11:44:09 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Mon, 18 Aug 2008 13:44:09 -0500 Subject: [Casper] new servers Message-ID: <48A97CA90200003900001678@gwoes4.kckps.org> So, I have 6 new servers set up and I have everything set up properly. The share point ACLs for my read only and read/write casper users, my packages, propagated permissions, and I can mount the share point in the finder on any mac by afp://domain.com/sharepoint and it works. however when I netboot my client into the server and try to image it I am getting the NiObjects error, which means it doesn't have permission to access the share....? Any ideas? Just upgraded to version 6. thanks, Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 From tlarki at kckps.org Mon Aug 18 12:22:13 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Mon, 18 Aug 2008 14:22:13 -0500 Subject: [Casper] new servers Message-ID: <48A9859502000039000016A0@gwoes4.kckps.org> Well, It is a DNS issue. Figure it out, it isn't doing reverse DNS look ups properly. Switched everything over to IPs until my network guy can fix DNS. Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 >>> "Thomas Larkin" 08/18/08 1:45 PM >>> So, I have 6 new servers set up and I have everything set up properly. The share point ACLs for my read only and read/write casper users, my packages, propagated permissions, and I can mount the share point in the finder on any mac by afp://domain.com/sharepoint and it works. however when I netboot my client into the server and try to image it I am getting the NiObjects error, which means it doesn't have permission to access the share....? Any ideas? Just upgraded to version 6. thanks, Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper From detroye1 at apple.com Mon Aug 18 12:35:45 2008 From: detroye1 at apple.com (John DeTroye) Date: Mon, 18 Aug 2008 13:35:45 -0600 Subject: [Casper] Leopard tips and tricks for MCX Message-ID: <98881C31-AF6E-41E6-B046-08C32E8DC548@apple.com> Gang, After a marathon few weeks, I have finished the first edition of the Leopard Tips and Tricks for MCX document. It is posted in the Public folder of my iDisk (johnd) in the "Latest Tips" folder. The pdf is about 9MB in size, and yes, please pass it on as you see fit. You can also reach it through the web at http://homepage.mac.com/johnd - a site that needs serious editing updates. Thanks, johnd -- John DeTroye Email: johnd at apple.com Sr. Consulting Engineer Work: 303-933-1807 Systems Management Specialist Fax: 303-979-6616 Apple - Education iChat: johnd at mac.com Tips and Tricks Docs - http://idisk.mac.com/johnd -- From jeff.johnson at glendale.k12.wi.us Mon Aug 18 15:47:24 2008 From: jeff.johnson at glendale.k12.wi.us (Jeff Johnson) Date: Mon, 18 Aug 2008 17:47:24 -0500 Subject: [Casper] error message using Casper Remote after upgrading to v6 Message-ID: I upgraded to v6 last week - seemed relatively painless and problem-free. However, when I tried to use the new Casper Remote for the first time today, I got this error message: Sending Wake On LAN command... Opening SSH Connection to 10.1.1.27... Authenticating... Successfully authenticated. Verifying Computer's Identity... The MAC Address has been verified. Checking Operating System Version... Running Mac OS X 10.4.11 (8S2167) Verifying /usr/sbin/jamf... /usr/sbin/jamf is current (6.0) Verifying /usr/sbin/jamfvnc... /usr/sbin/jamfvnc is current (4.00) Verifying /private/etc/jamf.conf... The jamf.conf file was recreated. Preparing Management... Downloading AS36117.dmg... Verifying DMG... Error: The downloaded package could not be verified. Enforcing Management Framework... The Management Framework will be enforced as soon as all Policies are done executing. Submitting log to https://casper:8443/... Finished. No matter what dmg file I try to deploy, I get the same error message ("Error: The downloaded package could not be verified.). All of these DMGs were successfully deployed prior to the upgrade. Any insights from the JAMF universe? Thanks Jeff Johnson Technology Coordinator Glendale-River Hills School District Glendale, WI 53209 jeff.johnson at glendale.k12.wi.us From ERNSTCS at uwec.edu Mon Aug 18 18:24:23 2008 From: ERNSTCS at uwec.edu (Ernst, Craig S.) Date: Mon, 18 Aug 2008 20:24:23 -0500 Subject: [Casper] error message using Casper Remote after upgrading to v6 In-Reply-To: Message-ID: If you try to manually mount that DMG package on the share does the OS say it's bad? Otherwise I'd check permissions on the package. Craig E On 8/18/08 5:47 PM, "Jeff Johnson" wrote: I upgraded to v6 last week - seemed relatively painless and problem-free. However, when I tried to use the new Casper Remote for the first time today, I got this error message: Sending Wake On LAN command... Opening SSH Connection to 10.1.1.27... Authenticating... Successfully authenticated. Verifying Computer's Identity... The MAC Address has been verified. Checking Operating System Version... Running Mac OS X 10.4.11 (8S2167) Verifying /usr/sbin/jamf... /usr/sbin/jamf is current (6.0) Verifying /usr/sbin/jamfvnc... /usr/sbin/jamfvnc is current (4.00) Verifying /private/etc/jamf.conf... The jamf.conf file was recreated. Preparing Management... Downloading AS36117.dmg... Verifying DMG... Error: The downloaded package could not be verified. Enforcing Management Framework... The Management Framework will be enforced as soon as all Policies are done executing. Submitting log to https://casper:8443/... Finished. No matter what dmg file I try to deploy, I get the same error message ("Error: The downloaded package could not be verified.). All of these DMGs were successfully deployed prior to the upgrade. Any insights from the JAMF universe? Thanks Jeff Johnson Technology Coordinator Glendale-River Hills School District Glendale, WI 53209 jeff.johnson at glendale.k12.wi.us _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080818/00796520/attachment.html From tgreenleaf at saintmarksschool.org Tue Aug 19 11:16:31 2008 From: tgreenleaf at saintmarksschool.org (Tatian Greenleaf) Date: Tue, 19 Aug 2008 11:16:31 -0700 Subject: [Casper] error message using Casper Remote after upgrading to v6 In-Reply-To: References: Message-ID: I am seeing the same thing today. I have a call into JAMF support. I can mount the DMG file and I can even install it using Casper Imaging. But if I try to install the package using Casper Remote, I get the error mentioned ("The downloaded package could not be verified."). This seems independent of which package or which computers I use. These were packages that installed fine in the past. ____________________________ Tatian Greenleaf Associate Director of Technology Saint Mark's School (415) 472-8000 x1014 "Ernst, Craig S." writes: >If you try to manually mount that DMG package on the share does the OS >sayy it?s bad? Otherwise I?d check permissions on the package. > >Craig E From eric.winkelhake at us-resources.com Tue Aug 19 11:31:12 2008 From: eric.winkelhake at us-resources.com (Eric Winkelhake) Date: Tue, 19 Aug 2008 13:31:12 -0500 Subject: [Casper] error message using Casper Remote after upgrading to v6 In-Reply-To: Message-ID: VErify permissions on the said packages. In my experience this has always been the issue. -- Eric Winkelhake | Technology Services ? Mundocom | Re:Sources IT 35 West Wacker Drive, Suite 3000 | Chicago, IL 60601 Office: 312-220-1669 | Mobile: 312-519-5632 Email: Eric.Winkelhake at us-resources.com Open a Service Desk Ticket | Navigating IT | Training Now "Tatian Greenleaf" Sent by: casper-bounces at list.jamfsoftware.com 08/19/08 01:20 PM To "Ernst, Craig S." cc Casper List Subject Re: [Casper] error message using Casper Remote after upgrading to v6 I am seeing the same thing today. I have a call into JAMF support. I can mount the DMG file and I can even install it using Casper Imaging. But if I try to install the package using Casper Remote, I get the error mentioned ("The downloaded package could not be verified."). This seems independent of which package or which computers I use. These were packages that installed fine in the past. ____________________________ Tatian Greenleaf Associate Director of Technology Saint Mark's School (415) 472-8000 x1014 "Ernst, Craig S." writes: >If you try to manually mount that DMG package on the share does the OS >sayy it?s bad? Otherwise I?d check permissions on the package. > >Craig E _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper ------------------------------------------------------------------------ Disclaimer The information in this email and any attachments may contain proprietary and confidential information that is intended for the addressee(s) only. If you are not the intended recipient, you are hereby notified that any disclosure, copying, distribution, retention or use of the contents of this information is prohibited. When addressed to our clients or vendors, any information contained in this e-mail or any attachments is subject to the terms and conditions in any governing contract. If you have received this e-mail in error, please immediately contact the sender and delete the e-mail. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://list.jamfsoftware.com/pipermail/casper/attachments/20080819/f22bede7/attachment-0001.htm -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: image/gif Size: 3903 bytes Desc: not available Url : http://list.jamfsoftware.com/pipermail/casper/attachments/20080819/f22bede7/attachment-0001.gif From snookkd at appstate.edu Tue Aug 19 11:39:35 2008 From: snookkd at appstate.edu (Kevin D Snook) Date: Tue, 19 Aug 2008 14:39:35 -0400 Subject: [Casper] error message using Casper Remote after upgrading to v6 Message-ID: ("The downloaded package could not be verified.") In our case this was a problem when we had http package distribution turned on for our CasperShare. Disabling http in the JSS Utility or JSS Web fixed our issues. JAMF support > Do you have HTTP enabled? If so, are they pointed to the correct file share? > Another reason may be that the packages may be too big if going through HTTP. > Can you disable HTTP, redeploy and see what happens. -------- Kevin D Snook Senior Macintosh Systems Administrator Desktop Services - IT Enterprise Systems Appalachian State University 2020 Raley Hall - Boone, NC 28608 828-262-6682 -------- Apple Certified Desktop Technician Apple Sales Professional Apple Product Professional From eyoung at thayer.org Tue Aug 19 11:50:22 2008 From: eyoung at thayer.org (Eric Young) Date: Tue, 19 Aug 2008 14:50:22 -0400 Subject: [Casper] error message using Casper Remote after upgrading to v6 In-Reply-To: References: Message-ID: There is a known bug with the JSS setup utility that can enable the HTTP download feature. Launching the utility and authenticating is enough to trigger it. to verify, log into your JSS and make sure HTTP is set to "no" for your distribution points.... unless you use HTTP then just please ignore me :-) -------------------------------------------------------------------------------------------- I must not fear. Fear is the mind-killer. Fear is the little-death that brings total obliteration. I will face my fear. I will permit it to pass over me and through me. And when it has gone past I will turn the inner eye to see its path. Where the fear has gone there will be nothing. Only I will remain. --Bene Gesserit Litany (Frank Herbert) -------------------------------------------------------------------------- Eric Young eyoung at thayer.org On Aug 19, 2008, at 2:39 PM, Kevin D Snook wrote: > ("The downloaded package could not be verified.") > > In our case this was a problem when we had http package distribution > turned > on for our CasperShare. > > Disabling http in the JSS Utility or JSS Web fixed our issues. > > JAMF support >> Do you have HTTP enabled? If so, are they pointed to the correct >> file share? >> Another reason may be that the packages may be too big if going >> through HTTP. >> Can you disable HTTP, redeploy and see what happens. > > -------- > Kevin D Snook > Senior Macintosh Systems Administrator > Desktop Services - IT Enterprise Systems > Appalachian State University > 2020 Raley Hall - Boone, NC 28608 > 828-262-6682 > -------- > Apple Certified Desktop Technician > Apple Sales Professional > Apple Product Professional > > > > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper From tlarki at kckps.org Tue Aug 19 11:53:04 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Tue, 19 Aug 2008 13:53:04 -0500 Subject: [Casper] time stamp error message and server load balancing Message-ID: <48AACF8A0200003900001769@gwoes4.kckps.org> So, I ran across something very strange about 5 minutes ago. I have a CS3 package built and ready to be tested before I deploy it. So I a using Casper Remote to push out the package manually to see if it works, and well an error occurred and I was reading through the logs and saw this: Looking up user: java.sql.SQLException: Value '0000-00-00' can not be represented as java.sql.Timestamp Switching servers for load balacing... Executing Policy 2008-08-19 at 1:36 PM | tlarkin | 1 Computer... Mounting afp://casper106.kckps.org/CasperShare to /Volumes/CasperShare... Error: The package (CS3.dmg) could not be found. Then I saw that it switched to a different share point for load balancing and this is the bizzarre thing. For one my main share point is a brand spanking new intel xserve running a RAID with 4gigs of RAM. My back up for load balancing is a Core2Duo Mac mini. Why in the heck is it load balancing? Also, we haven't deployed my building yet so I have 1,357 Macbooks sitting on shelfs doing nothing right now in my office. So, why would the server even be taxed at this point to even try to load balance? I think I am going to turn load balancing off because that makes no sense. Activity monitor shows my CPUs using like 0.1% of the quad xeon processors, and RAM is being threaded out and there is still like over 2gigs of RAM not even being used. Of course I haven't synchronized my Mac Mini back up share points yet so when it load balanced it couldn't find CS3 and produced that error. So, I know why it ultimately didn't work but I don't understand the load balance option in the JSS. I think perhaps it just alternates transactions between servers, and well I want my Xserve doing the bulk of the work and only when it is being too taxed do I want the mini to help out. Thoughts? Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 From john.brenner at merrillcorp.com Tue Aug 19 11:52:01 2008 From: john.brenner at merrillcorp.com (Brenner, John) Date: Tue, 19 Aug 2008 13:52:01 -0500 Subject: [Casper] time stamp error message and server load balancing In-Reply-To: <48AACF8A0200003900001769@gwoes4.kckps.org> Message-ID: Network traffic? On 8/19/08 1:53 PM, "Thomas Larkin" wrote: > So, I ran across something very strange about 5 minutes ago. I have a CS3 > package built and ready to be tested before I deploy it. So I a using Casper > Remote to push out the package manually to see if it works, and well an error > occurred and I was reading through the logs and saw this: > > Looking up user: java.sql.SQLException: Value '0000-00-00' can not be > represented as java.sql.Timestamp > Switching servers for load balacing... > Executing Policy 2008-08-19 at 1:36 PM | tlarkin | 1 Computer... > Mounting afp://casper106.kckps.org/CasperShare to /Volumes/CasperShare... > Error: The package (CS3.dmg) could not be found. > > Then I saw that it switched to a different share point for load balancing and > this is the bizzarre thing. For one my main share point is a brand spanking > new intel xserve running a RAID with 4gigs of RAM. My back up for load > balancing is a Core2Duo Mac mini. Why in the heck is it load balancing? > Also, we haven't deployed my building yet so I have 1,357 Macbooks sitting on > shelfs doing nothing right now in my office. So, why would the server even be > taxed at this point to even try to load balance? > > I think I am going to turn load balancing off because that makes no sense. > Activity monitor shows my CPUs using like 0.1% of the quad xeon processors, > and RAM is being threaded out and there is still like over 2gigs of RAM not > even being used. > > Of course I haven't synchronized my Mac Mini back up share points yet so when > it load balanced it couldn't find CS3 and produced that error. So, I know why > it ultimately didn't work but I don't understand the load balance option in > the JSS. I think perhaps it just alternates transactions between servers, and > well I want my Xserve doing the bulk of the work and only when it is being too > taxed do I want the mini to help out. > > Thoughts? > > Thomas Larkin > TIS Department > KCKPS USD500 > tlarki at kckps.org > cell: 913-449-7589 > office: 913-627-0351 > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper John Brenner | Merrill Corporation | IOG IT | 651-632-4072 From tlarki at kckps.org Tue Aug 19 12:12:34 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Tue, 19 Aug 2008 14:12:34 -0500 Subject: [Casper] time stamp error message and server load balancing Message-ID: <48AAD3A80200003900001774@gwoes4.kckps.org> The client machine getting the policy is the only client on the VLAN period and there would be maybe a small hand full of teachers getting the self service updates in my building at the moment. I highly doubt there is any network traffic going to that distribution point server I will check server monitor and look at the AFP throughput for the last few hours and see what it looks like >>> "Brenner, John" 08/19/08 1:54 PM >>> Network traffic? On 8/19/08 1:53 PM, "Thomas Larkin" wrote: > So, I ran across something very strange about 5 minutes ago. I have a CS3 > package built and ready to be tested before I deploy it. So I a using Casper > Remote to push out the package manually to see if it works, and well an error > occurred and I was reading through the logs and saw this: > > Looking up user: java.sql.SQLException: Value '0000-00-00' can not be > represented as java.sql.Timestamp > Switching servers for load balacing... > Executing Policy 2008-08-19 at 1:36 PM | tlarkin | 1 Computer... > Mounting afp://casper106.kckps.org/CasperShare to /Volumes/CasperShare... > Error: The package (CS3.dmg) could not be found. > > Then I saw that it switched to a different share point for load balancing and > this is the bizzarre thing. For one my main share point is a brand spanking > new intel xserve running a RAID with 4gigs of RAM. My back up for load > balancing is a Core2Duo Mac mini. Why in the heck is it load balancing? > Also, we haven't deployed my building yet so I have 1,357 Macbooks sitting on > shelfs doing nothing right now in my office. So, why would the server even be > taxed at this point to even try to load balance? > > I think I am going to turn load balancing off because that makes no sense. > Activity monitor shows my CPUs using like 0.1% of the quad xeon processors, > and RAM is being threaded out and there is still like over 2gigs of RAM not > even being used. > > Of course I haven't synchronized my Mac Mini back up share points yet so when > it load balanced it couldn't find CS3 and produced that error. So, I know why > it ultimately didn't work but I don't understand the load balance option in > the JSS. I think perhaps it just alternates transactions between servers, and > well I want my Xserve doing the bulk of the work and only when it is being too > taxed do I want the mini to help out. > > Thoughts? > > Thomas Larkin > TIS Department > KCKPS USD500 > tlarki at kckps.org > cell: 913-449-7589 > office: 913-627-0351 > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper John Brenner | Merrill Corporation | IOG IT | 651-632-4072 _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper From tgreenleaf at saintmarksschool.org Tue Aug 19 12:32:10 2008 From: tgreenleaf at saintmarksschool.org (Tatian Greenleaf) Date: Tue, 19 Aug 2008 12:32:10 -0700 Subject: [Casper] error message using Casper Remote after upgrading to v6 In-Reply-To: References: Message-ID: That did it... thank you! I disabled HTTP downloads and that fixed the problem. I'm not sure how that got enabled, but apparently it had been. Tatian Kevin D Snook writes: >("The downloaded package could not be verified.") > >In our case this was a problem when we had http package distribution >turnerd >on for our CasperShare. > >Disabling http in the JSS Utility or JSS Web fixed our issues. > >JAMF support >> Do you have HTTP enabled? If so, are they pointed to the correct file >shDare? >> Another reason may be that the packages may be too big if going through >>HTTP. >> Can you disable HTTP, redeploy and see what happens. > >-------- >Kevin D Snook >Senior Macintosh Systems Administrator >Desktop Services - IT Enterprise Systems >Appalachian State University >2020 Raley Hall - Boone, NC 28608 >828-262-6682 >-------- >Apple Certified Desktop Technician >Apple Sales Professional >Apple Product Professional > > > >_______________________________________________ >Casper mailing list >Casper at list.jamfsoftware.com >http://list.jamfsoftware.com/mailman/listinfo/casper From tgreenleaf at saintmarksschool.org Tue Aug 19 14:05:20 2008 From: tgreenleaf at saintmarksschool.org (Tatian Greenleaf) Date: Tue, 19 Aug 2008 14:05:20 -0700 Subject: [Casper] error message using Casper Remote after upgrading to v6 In-Reply-To: References: Message-ID: You're right. I just verified that. Thanks for the advice! Tatian Kevin D Snook writes: >It seemed to enable itself every time I opened the JSS Utility app. Until >II >explicitly told the JSS Utility to turn off Apache. Now it remains off all >the time. > >Snook From tlarki at kckps.org Tue Aug 19 14:34:09 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Tue, 19 Aug 2008 16:34:09 -0500 Subject: [Casper] CS3 woes Message-ID: <48AAF60102000039000017C5@gwoes4.kckps.org> OK, so I never ran into this last year deploying CS3 and if I did I totally forgot how I fixed it. Error: The payloads directory does not exist at the specified base path (/Volumes/Adobe CS3 Design Premium) Closing package... Unmounting file server... Eh, Anyone? From jeremymatthews at mac.com Wed Aug 20 08:34:25 2008 From: jeremymatthews at mac.com (Jeremy Matthews) Date: Wed, 20 Aug 2008 11:34:25 -0400 Subject: [Casper] run script as different user? Message-ID: Casper can run scripts against your box, but it does so as a root user - what if I want to run the script as a different user, such as the one who is logged in - without prompting for a password (like su-)? Thanks, j From tlarki at kckps.org Wed Aug 20 08:42:39 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Wed, 20 Aug 2008 10:42:39 -0500 Subject: [Casper] run script as different user? Message-ID: <48ABF5200200003900001898@gwoes4.kckps.org> May I ask why you would want to do this? If you can script it, Casper can and will run it. If we know your higher goal perhaps we can better answer your question. Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 >>> Jeremy Matthews 08/20/08 10:35 AM >>> Casper can run scripts against your box, but it does so as a root user - what if I want to run the script as a different user, such as the one who is logged in - without prompting for a password (like su-)? Thanks, j _______________________________________________ Casper mailing list Casper at list.jamfsoftware.com http://list.jamfsoftware.com/mailman/listinfo/casper From jeremymatthews at mac.com Wed Aug 20 08:48:17 2008 From: jeremymatthews at mac.com (Jeremy Matthews) Date: Wed, 20 Aug 2008 11:48:17 -0400 Subject: [Casper] run script as different user? In-Reply-To: <48ABF5200200003900001898@gwoes4.kckps.org> References: <48ABF5200200003900001898@gwoes4.kckps.org> Message-ID: <83830618-3052-46EA-88B1-E4F4826B4CDD@mac.com> I want to write defaults to a plist for a user that won't get horked. Needs to be pre-created... Thanks, jeremy On Aug 20, 2008, at 11:42 AM, Thomas Larkin wrote: > May I ask why you would want to do this? > > If you can script it, Casper can and will run it. If we know your > higher goal perhaps we can better answer your question. > > Thomas Larkin > TIS Department > KCKPS USD500 > tlarki at kckps.org > cell: 913-449-7589 > office: 913-627-0351 >>>> Jeremy Matthews 08/20/08 10:35 AM >>> > Casper can run scripts against your box, but it does so as a root user > - what if I want to run the script as a different user, such as the > one who is logged in - without prompting for a password (like su-)? > > Thanks, > j > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper > From tlarki at kckps.org Wed Aug 20 08:54:59 2008 From: tlarki at kckps.org (Thomas Larkin) Date: Wed, 20 Aug 2008 10:54:59 -0500 Subject: [Casper] run script as different user? Message-ID: <48ABF80302000039000018AE@gwoes4.kckps.org> You can do this many ways. use a wild card and apply to all users enforce it from MCX if you are running Open Directory Use composer and take a snap shot of the modification and assign it to smart groups with in casper, then deploy set it up as a self service policy and use the ~/ for that users plist set it in the (forgot the file path) configuration file that pushes out new user settings every time a user is created What exactly are you trying to do? Thomas Larkin TIS Department KCKPS USD500 tlarki at kckps.org cell: 913-449-7589 office: 913-627-0351 >>> Jeremy Matthews 08/20/08 10:49 AM >>> I want to write defaults to a plist for a user that won't get horked. Needs to be pre-created... Thanks, jeremy On Aug 20, 2008, at 11:42 AM, Thomas Larkin wrote: > May I ask why you would want to do this? > > If you can script it, Casper can and will run it. If we know your > higher goal perhaps we can better answer your question. > > Thomas Larkin > TIS Department > KCKPS USD500 > tlarki at kckps.org > cell: 913-449-7589 > office: 913-627-0351 >>>> Jeremy Matthews 08/20/08 10:35 AM >>> > Casper can run scripts against your box, but it does so as a root user > - what if I want to run the script as a different user, such as the > one who is logged in - without prompting for a password (like su-)? > > Thanks, > j > _______________________________________________ > Casper mailing list > Casper at list.jamfsoftware.com > http://list.jamfsoftware.com/mailman/listinfo/casper > From jeremymatthews at mac.com Wed Aug 20 09:14:32 2008 From: jeremymatthews at mac.com (Jeremy Matthews) Date: Wed, 20 Aug 2008 12:14:32 -0400 Subject: [Casper] run script as different user? In-Reply-To: <48ABF80302000039000018AE@gwoes4.kckps.org> References: <48ABF80302000039000018AE@gwoes4.kckps.org> Message-ID: Tried applying to all users - the file is created, but I then have to go in a muck around with ownership - or else it gets overwritten when certain apps are launched and cannot find a valid plist. If I try to return the session user during an installation, it is usually root. Our 10.5 server is working, but clients are not binding properly, so MCX attributes are out - unless I want to push those out as well, but pointless until it is set for production. It was my understanding that composer used packagemaker, and therefore during an "installation", runs as root - which brings me back to the issue - script needs to run as a different user - without me asking the user to authenticate. Tried the tilde - didn't work. Config file sounds interesting....what is that about? Thanks, j On Aug 20, 2008, at 11:54 AM, Thomas Larkin wrote: > You can do this many ways. > > use a wild card and apply to all users > > enforce it from MCX if you are running Open Directory > > Use composer and take a snap shot of the modification and assign it > to smart groups with in casper, then deploy > > set it up as a self service policy and use the ~/ for that users plist > > set it in the (forgot the file path) configuration file that pushes > out new user settings every time a user is created > > What exactly are you trying to do? > > Thomas Larkin > TIS Department > KCKPS USD500 > tlarki at kckps.org > cell: 913-449-7589 > office: 913-627-0351 >>>> Jeremy Matthews 08/20/08 10:49 AM >>> > I want to write defaults to a plist for a user that won't get horked. > Needs to be pre-created... > > Thanks, > jeremy > > On Aug 20, 2008, at 11:42 AM, Thomas Larkin wrote: > >> May I ask why you would want to do this? >> >> If you can script it, Casper can and will run it. If we know your >> higher goal perhaps we can better answer your question. >> >> Thomas Larkin >> TIS Department >> KCKPS USD500 >> tlarki at kckps.org >> cell: 913-449-7589 >> office: 913-627-0351 >>>>> Jeremy Matthews 08/20/08 10:35 AM >>> >> Casper can run scripts against your box, but it does so as a root >> user >> - what if I want to run the script as a different user, such as the >> one who is logged in - without prompting for a password (like su-)? >> >> Thanks, >> j >> _______________________________________________ >> Casper mailing list >> Casper at list.jamfsoftware.com >> http://list.jamfsoftware.com/mailman/listinfo/casper >> > > From r.wessen at neu.edu Wed Aug 20 10:04:45 2008 From: r.wessen at neu.edu (r.wessen at neu.edu) Date: Wed, 20 Aug 2008 13:04:45 -0400 Subject: [Casper] run script as different user? In-Reply-To: Message-ID: Is your OD binding problem solved with this tip? http://support.apple.com/kb/TS1245 It's a common one when imaging 10.5, like the local SID in Windows if you have done MS imaging as well. In fact if anyone from JAMF is on this list, this would be a great feature to add when a 10.5 machine is first imaged. The first thing a machine should do is change the local KDC hash so each one is unique per machine. It seems to me to be enough of a problem that the imaging tools should take care of it, not a custom script by us users. ____________________ Bob Wessen System Administrator IS System Production Services 4 Hayden Hall Northeastern University C: (617) 799-4905 http://www.infoservices.neu.edu Jeremy Matthews Sent by: casper-bounces at list.jamfsoftware.com 08/20/2008 12:40 PM To Thomas Larkin cc casper at list.jamfsoftware.com Subject Re: [Casper] run script as different user? Tried applying to all users - the file is created, but I then have to go in a muck around with ownership - or else it gets overwritten when certain apps are launched and cannot find a valid plist. If I try to return the session user during an installation, it is usually root. Our 10.5 server is working, but clients are not binding properly, so MCX attributes are out - unless I want to push those out as well, but pointless until it is set for production. It was my understanding that composer used packagemaker, and therefore during an "installation", runs as root - which brings me back to the issue - script needs to run as a different user - without me asking the user to authenticate. Tried the tilde - didn't work. Config file sounds interesting....what is that about? Thanks, j On Aug 20, 2008, at 11:54 AM, Thomas Larkin wrote: > You can do this many ways. > > use a wild card and apply to all users > > enforce it from MCX if you are running Open Directory > > Use composer and take a snap shot of the modification and assign it > to smart groups with in casper, then deploy > > set it up as a self service policy and use the ~/ for that users plist > > set it in the (forgot the file path) configuration file that pushes > out new user settings every time a user is created > > What exactly are you trying to do? > > Thomas Larkin > TIS Department > KCKPS USD500 > tlarki at kckps.org > cell: 913-449-7589 > office: 913-627-0351 >>>> Jeremy Matthews 08/20