I'm setting up a server to manage our Mac Pro's. For this I have two machines in a test environment at my disposal.
Mac Pro's, mid 2012, 6core, 12Gb Ram, ...
Server: Mac OS X 10.8, fully updated OS and the lastest Server version.
Client: Mac OS X 10.7, fully updated
Both machines are a clean install of the OS, besides installing a few aps nothing has happend with them.
Both macs have a static IP from the DHCP server, I configured a forward and reverse record in our DNS to the OS X server.
The server has full access to the internet (normally everyone is behind a firewall / proxy (websense).
The client has access to internet through the proxy, local domain are excluded.
In our internal network NO traffic is blocked.
Both machines can ping eachother, DNS resolution works.
No firewall is enabled on the machines.
I installed the Server app, created a certificate, setup Open Directory, enabled the website and activated the Profile Manager.
I also enrolled the Server into our AD, so I can use the user groups to manage the settings.
In profile manager the groups show up as expected.
I can connect to the website of the server and install the machine certificate (self signed).
But when I try to "sign up" the machine, it installs the certificate without any problems but the machine is not "enrolled" nor does it show up in the devices on the server side.
removing all certificates from the client, rebooting, reinstaling the certificates, ...
requesting a new certificate on the server.
removing the proxy settings from the client, so all trafic has to go through our internal network.
using a different account to install the certificates.
reinstalling both OS's (reloaded an image i took) and tried again.
adding the server machine to be managed by the server app, this works without any problems !! (the server shows up on the "mydevices" website)
Still have to try;
Allowing the client full access to the internet (so not behind a proxy) => not something we are keen on !!!
Am I missing something?
How can I test if all requirements are met?
Is there a way to test where the problem lies?
Thank you !!
Domien De Clercq