Looks like no one’s replied in a while. To start the conversation again, simply ask a new question.

User profile for user: Brian Critchlow
Brian Critchlow Author
User level: Level 1
46 points

DNS issue with transparent SUS setup

We are creating a transparent SUS (software update server) per this article:
http://www.macosxhints.com/article.php?story=20071009082248452

Unfortunately once we create the dns zone and record for swscan.apple.com all other apple.com sites and subdomains point to that server and ultimately stop working for the end user.

What do you think may be going wrong here?

MacBookPro Unibody, Mac OS X (10.5.7)

Posted on Jul 28, 2009 11:47 AM

Reply
4 replies
User profile for user: Mabel O'Farrell
Mabel O'Farrell
User level: Level 3
975 points

Jul 29, 2009 2:40 PM in response to Brian Critchlow

Why are you trying to do this? The SUS included with OS X Server already accomplishes this without the already present pitfalls of possible DNS misconfiguration. The only thing that you have to do to get your client workstations to 'see' your SUS is this, for all users (should all be on one line and may be wrapped):

sudo defaults write /Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://your.softwareupdateserver.com:8088/
and this for the system (should all be on one line and may be wrapped):

sudo defaults write /private/var/root/Library/Preferences/com.apple.SoftwareUpdate CatalogURL http://your.softwareupdateserver.com:8088/
Note, you do not need the 'index.sucatalog' portion of the URL as that is the default location in the SUS.
Reply
User profile for user: Niloc_415
Niloc_415
User level: Level 1
8 points

Jul 31, 2009 3:36 AM in response to Mabel O'Farrell

I'd like to do this on our network as well. I don't want to add the plist line to zillions of Macs and we aren't using our Xserve as a DNS server. Not to mention this won't work for guest computers that come to our network or Windows clients either. This would work fine for the few Open Directory users we have of course.

The main problem I see with changing the DNS entries to point locally would be the Xserve not finding updates any longer. Could I point the /private/var/root plist to Apple's software update server IP? Or is the Software Update service intelligent enough to get the updates and then allow the Xserve's Software Update to get the update from itself as it were?
Reply
User profile for user: Mabel O'Farrell
Mabel O'Farrell
User level: Level 3
975 points

Jul 31, 2009 6:35 AM in response to Niloc_415

I don't want to add the plist line to zillions of Macs and we aren't using our Xserve as a DNS server.


You can 'push' that command out to client workstations with ARD's 'Send Unix command...'. You don't have to be running a DNS on an XServe to use a local SUS. Any DNS server that is authoritative for your domain that resolves the FQDN of your SUS will work. Also, the URL in the .plist can contain an IP address of the SUS.

Could I point the /private/var/root plist to Apple's software update server IP?


There is no need to point it at Apple's SUS. In the absence of that .plist file, client systems will automatically use Apple's SUS.
Reply

DNS issue with transparent SUS setup

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple ID.
Learn more Sign up