View Only
last person joined: yesterday 

Forum to discuss Enterprise security using HPE Aruba Networking NAC solutions (ClearPass), Introspect, VIA, 360 Security Exchange, Extensions, and Policy Enforcement Firewall (PEF).
Expand all | Collapse all

JAMF School

This thread has been viewed 29 times
  • 1.  JAMF School

    Posted Jul 03, 2023 10:52 AM

    EDIT 1 uch, just noticed "zuluDeskPullOnStart" being set to FALSE.  True now.. will update later if this was the fix.
    EDIT 2 no such luck 

    [2023-07-03T17:07:00.103] [INFO] ZuluDesk - ZuluDesk pull on start is true. Starting pull process.
    [2023-07-03T17:07:00.105] [DEBUG] ZuluDesk - Making GET request to https://<customer>
    [2023-07-03T17:07:00.107] [INFO] ZuluDesk - Enabling ZuluDesk pull processor.
    [2023-07-03T17:07:00.107] [INFO] ZuluDesk - Using the pull schedule "0 3 * * *".
    [2023-07-03T17:07:00.119] [INFO] ZuluDesk - The next ZuluDesk pull processor is set to run at Tue Jul 04 2023 03:00:00 GMT+0200.
    [2023-07-03T17:07:00.124] [INFO] ZuluDesk - Starting extension web services...
    [2023-07-03T17:07:00.127] [INFO] ZuluDesk - Server listening on port 80.
    [2023-07-03T17:07:00.238] [DEBUG] ZuluDesk - Request "GET ''" took 78.45ms.
    [2023-07-03T17:07:00.239] [DEBUG] ZuluDesk - {"cppm_version":"","guest_version":"","installed_patches":[{"name":"6.11.1_source-rollback-package","description":"Optional ClearPass 6.11.x package required to rollback to previously installed 6.11.X version for customers using 6.11.1 as base image","installed":"2023-06-28T10:01:47+02:00"},{"name":"20230306-clearpass-6.11-updates-3","description":"ClearPass Policy Manager Cumulative Patch 3 for 6.11.0, 6.11.1 and 6.11.2","installed":"2023-06-28T10:20:20+02:00"}]}
    [2023-07-03T17:07:00.653] [DEBUG] ZuluDesk - Request "GET 'https://<customer>'" took 86.43ms.
    [2023-07-03T17:07:00.654] [ERROR] ZuluDesk - SyntaxError: Unexpected token < in JSON at position 0
        at JSON.parse (<anonymous>)
        at ext.makeRequest (/src/server.js:292:34)
        at Request.newCallback [as _callback] (/src/node_modules/clearpass-node-extension-sdk/extension-sdk.js:460:17)
        at Request.self.callback (/src/node_modules/request/request.js:185:22)
        at emitTwo (events.js:126:13)
        at Request.emit (events.js:214:7)
        at Request.<anonymous> (/src/node_modules/request/request.js:1161:10)
        at emitOne (events.js:116:13)
        at Request.emit (events.js:211:7)
        at IncomingMessage.<anonymous> (/src/node_modules/request/request.js:1083:12)

    So back to my original post:

    First time configuring JAMF endpoint context server and running into some issues.

    Trying with simple basic auth but keep getting "Failed to fetch Endpoint details from <customer> Error code: 302 Verify Proxy settings, Server credentials and retry." Mind you this is an 302 error, not 404. This same address into a browser does pop up the jamf webgui.

    Researching a bit further I can find an (old?) Clearpass extension "Jamf School (formerly ZuluDesk)".Mmm, maybe JAMF (PRO?) vs JAMF School is an important difference?
    Anyway, creating an API interface on the jamf site, then using the network ID and API key gives all the info I need to configure this extension it seems.  However.. this also doesn't appear to work: "[WARN] ZuluDesk - The ZuluDesk pull processor is disabled.".

    So, who has some experience with JAMF that can tell me if I should be using the extension or the endpoint context server settings? And maybe why either isn't working?

  • 2.  RE: JAMF School

    Posted Jul 04, 2023 04:18 AM

    Seems to me that this JAMF does not match with what ClearPass is expecting:

    SyntaxError: Unexpected token < in JSON at position 0

    This suggests to me that ClearPass receives HTML or XML instead of (expected) JSON. Can be version/product mismatch or failing authentication/authorization where the JAMF service returns HTML error message instead of the JSON.

    I don't have experience. If no other responses appear, it may be best to open a TAC Support case if you verified that the JAMF School is supported and is the same as ZuluDesk.

    Herman Robers
    If you have urgent issues, always contact your Aruba partner, distributor, or Aruba TAC Support. Check for how to contact Aruba TAC. Any opinions expressed here are solely my own and not necessarily that of Hewlett Packard Enterprise or Aruba Networks.

    In case your problem is solved, please invest the time to post a follow-up with the information on how you solved it. Others can benefit from that.

  • 3.  RE: JAMF School

    Posted Jul 19, 2023 09:13 AM

    Well, we had Jamf Pro configured as an endpoint context server, and found out it stopped working in late December 2022. First I noticed that enable cert, enable fetch and enable bypass proxy were all off. I enabled fetch endpoints, but getting a similar error as yours: 

    "Failed to fetch Endpoint details from Error code: 401 Verify Proxy settings, Server credentials and retry."

    Looking into info on how to configure, current clearpass docs mention that Jamf stopped allowing basic auth but then, everything points to configure a new plugin in the guest module. My question is, is there a way to get the current one working again or do we have to use the new plugin?

    BUT - the date coincides when we upgraded our CPPM from 6.8.6 to 6.10.8 which failed and with TAC had to redeploy a new instance, restoring from backups. Maybe we had an old plugin installed before which did not come back with the restore? UGH.


  • 4.  RE: JAMF School

    Posted Sep 08, 2023 12:18 PM

    Just seeing this thread now.  I ran into this with a customer a while back and it turned out the problem was that Zuludesk changed their endpoint URL format for certain customers, and the plugin was not able to accommodate the new format and kept trying to visit an incorrect URL.  I had to turn on debugging on the plugin before I saw it.  TAC was able to push a fix for me.  It did not affect all customers at that particular time.  This was about a year ago, I think.  The behavior matches exactly what you are describing; basically the plugin got an HTML reply (due to incorrect URL error page) rather than a JSON reply (what it expects from the API).