Submit Hint Search The Forums LinksStatsPollsHeadlinesRSS
14,000 hints and counting!


Click here to return to the 'Create a transparent local software update server' hint
The following comments are owned by whoever posted them. This site is not responsible for what they say.
Create a transparent local software update server
Authored by: Marshmallow on Apr 13, '10 02:58:40PM

I have been following these steps to create a transparent local software update server, but it's not quite working right. Here are the steps I've taken:

1. Downloaded http://swscan.apple.com/content/meta/mirror-config-1.plist and copied it to /usr/share/swupd/html/content/meta/mirror-config-1.plist

2. Changed it to:

<key>PrimaryCatalog</key>
<string>http://swscan.apple.com/content/catalogs/index.sucatalog</string>
<key>CatalogsList</key>
<array>
<string>http://swscan.apple.com/content/catalogs/index.sucatalog</string>
<string>http://swscan.apple.com/content/catalogs/others/index-leopard.merged-1.sucatalog</string>
<string>http://swscan.apple.com/content/catalogs/others/index-leopard-snowleopard.merged-1.sucatalog</string>
</array>

3. Edited /etc/swupd/swupd.plist and changed the metaIndexURL entry to:

<key>metaIndexURL</key>
<string>http://mysus.mydomain.com:8088/content/meta/mirror-config-1.plist</string>
<key>portToUse</key>

4. Changed my *internal* DNS to point to swscan.apple.com, swcdn.apple.com, and swquery.apple.com to mysus.mydomain.com server at IP address 10.1.0.136.
* Verified connectivity by pinging these URLs from other computers and getting responses back from 10.1.0.136,
* and by surfing to http://swscan.apple.com:8088/index.sucatalog and pulling up my server's index.sucatalog page

5. Set mysus.mydomain.com's DNS to an *external* DNS server
* Added my local (internal) servers to the /etc/hosts file so it could communicate with them internally (Active Directory, Exchange, etc.)
* Verified it connects to the correct Apple servers both by pinging and by downloading the latest updates

6. After it generated the local catalog files, I added these symlinks:

cd /usr/share/swupd/html
ln -s /usr/share/swupd/html/content/catalogs/index.sucatalog
ln -s /usr/share/swupd/html/content/catalogs/others/index-leopard.merged-1.sucatalog
ln -s /usr/share/swupd/html/content/catalogs/others/index-leopard-snowleopard.merged-1.sucatalog

7. Started Web Service, and added the following redirects:

Pattern: /content/catalogs/index-1.sucatalog
Path: http://mysus.mydomain.com:8088/index.sucatalog

pattern: /content/catalogs/others/index-leopard.merged-1.sucatalog
path: http://mysus.mydomain.com:8088/index-leopard.merged-1.sucatalog

pattern: /content/catalogs/others/index-leopard-snowleopard.merged-1.sucatalog
path: http://mysus.mydomain.com:8088/index-leopard-snowleopard.merged-1.sucatalog

I am still not able to download updates to my workstations. When I try to check for updates, I get the message "Software Update can't check for updates because of a network problem." However, I can ping it, get the correct local IP using nslookup, and I can navigate to http://mysus.mydomain.com:8088/index.sucatalog.

So I've done a bit more poking around, and I found Apple.com's index.sucatalog file lists the URLs as http://swcdn.apple.com/content/downloads/etc… while my server's index.sucatalog file lists the URLs as http://mydomain.com:8088/content/downloads/etc… The URL is for the wrong server. My server should list the URLs as http://MYSUS.mydomain.com:8088/content/downloads/etc… I am clueless as to why my server lists the URLs incorrectly, and I don't know how to fix it. But, since the index.catalog file is pointing to the wrong server, I'm pretty sure this is the issue.

Does anybody have any suggestions? Ideas? Comments? Please help. My company has very limited T1 bandwidth (we are extremely rural), and the Apple updates just overwhelm us. My server is 10.5.8, mixed Windows/Mac network.

Thank you.



[ Reply to This | # ]
Create a transparent local software update server
Authored by: Marshmallow on Apr 14, '10 10:22:11AM

I've done a bit more testing, and the hostname missing from the FQDN is NOT the issue causing the network connection errors. (I corrected the FQDN in the *.sucatalog files, entered CLI command "defaults writes ..." to point my workstation to my server, and it was able to find the updates.

However, I also tested to see if it made any difference on my workstation whether the default writes CatalogURL pointed to http://mysus.mydomain.com:8088/index-leopard-snowleopard.merged-1.sucatalog or http://swscan.apple.com:8088/index-leopard-snowleopard.merged-1.sucatalog, and it does not. My workstation finds *my* server regardless of whichever FQDN I write to CatalogURL.

So, any ideas about why my workstations are unable to connect to my server without the defaults writes command? I don't believe it's a DNS issue because either FQDN works when using the CatalogURL, but I am at a loss as to what else to check.



[ Reply to This | # ]
Create a transparent local software update server
Authored by: Marshmallow on Apr 16, '10 11:57:18AM

After much screaming and cursing at the digital gods, I finally figured this out. Here is my solution:

I checked my web server settings. The default web server IP address was set to "any" and listed * (wildcard) for the IP address. I changed the IP address to my machine's address (10.1.0.136), stopped and restarted web services, stopped and restarted SUS services, and it worked.

I hope this information helps anyone else who may face this problem in the future.



[ Reply to This | # ]