[UPDATE 9-12-14] I posted an updated version of this with screenshots for version 9.x of the JSS here.
[UPDATE 6-6-13] Box is changing the URL they us for WebDAV, migrating to a newer version that should improve performance and stability. I’ve updated this post to reflect those changes. I also replaced a couple of the screenshots with better resolution copies (and correct URLs).
There are a lot of options out there for cloud storage, and some of them work great as distribution points for your JSS. In this post I’m going to walk you through properly setting up a folder in Box.com to act as your new Casper share, setting up automatic syncing from your server for new packages, and then plugging it all into your JSS.
Setting Up Box
First, you, the admin, need to create a root level folder for your new Casper share. You can name it whatever you want, but in my example we’ll use the folder name “CasperShare-Box”.
Now, that could be all we do on the Box end, but we want to setup proper security for this just like any other distribution point. So, you’ll want to create two new users in your Box account:
We’re not going to directly assign either of these users directly to the “CasperShare-Box” folder, even though we easily could. Instead, to make it easier to grant other users in your account “Editor” and “Viewer” permissions, we’re going to create two new groups in Box:
“Casper Admin” which we will grant “Editor” permissions for all members to the “CasperShare-Box” folder.
“Casper Install” which we will grant “Viewer” permissions for all members to the “CasperShare-Box” folder.
There, now we have proper permissions set for our “CasperShare-Box” folder. The last thing we need to do is log out, log back in as the firstname.lastname@example.org account, and then “Sync Folder to Computer” for the next steps.
Setting Up Your Master Distribution Point
Now, this next part is somewhat optional. If you are an Enterprise customer with Box you can perform file transfers over FTP, so you could use an FTP client for uploading your packages.
Otherwise, you can go the entirely automated route by installing Box Sync. You can get the installer right out of Box by clicking that gearbox icon next to your name, or by browsing the Box apps list. There are Mac and Windows versions for whichever OS is playing host to your master Distribution Point (sorry, no Linux support here).
After it has been installed, you’ll have a new Box folder in your “/User/Documents/” or “/User/My Documents/” folders. Inside that folder you’ll find your synced Casper share folder. In my case, its the “CasperShare-Box” folder.
You’re going to want to make this folder mountable over AFP or SMB (depending on what protocol you’re using in your environment) and make sure there are Casper Admin and Casper Install accounts with the correct permissions setup. If you already have a distribution point setup on your server you will want to move the contents of it into the “/Box/CasperShare-Box/” directory and then change the server settings to point to the new location.
Everything that is copied into here from now on will be replicated up to the “CasperShare-Box” folder in Box without any manual action on your part. Box Sync takes care of all of it for you. Since the share is still mountable via AFP/SMB you can continue to use Casper Admin for managing your packages and they will upload after you load them into the master.
If you’re replicating an existing Casper Share it may take some time for everything to copy. In my test, I setup a ~215 GB replica of an existing Casper share and it took about a day and half to fully upload via Box Sync.
Setting Up the JSS Distribution Point Settings
Now you need to enter all the information for the Box.com share into your JSS. Login, go to “Settings”, “Management Framework”, “Servers” and click the “Add Server” button. There isn’t much you need to enter in order for the distribution point to work. In the “General” tab enter:
Display Name: CasperShare Box (or whatever you put in)
DNS Name or IP Address: dav.box.com
We’re done in the “General” tab now. Skip the “File Sharing” tab because there’s nothing we’re going to enter into there. Click on the “HTTP” tab. Now we’ll need to enter a lot more in here. All of this only works because Box supports WebDAV which allows us to pass URLs that the JSS will understand.
Check the box for “HTTP Downloads are enabled for this Distribution Point” and then set the following:
Context: dav/CasperShare-Box (enter what your name after “dav/”)
Now select the radio button for “Username & Password Authentication is Required” and enter in:
Verify Password: YourPassword
(Note: if you didn’t do a security setup as described above, any user account with “Viewer” access to the folder can be entered for the authentication credentials)
And that’s all. You’ve created a Box.com Casper Share and set it up in your JSS. If you’ve setup a test JSS instance, you can try this out by creating a “Network Segment” that starts with 18.104.22.168 and ends with 255.255.255.255 and assign the Box.com Casper Share to it. Then manage a test Mac (or better yet, a test Mac VM) and create a Self Service policy to run on it.
In my case, the first package installed via a Box.com Casper Share was Google Chrome.
Now, there are some limitations with using Box.com. If you’re an Enterprise account, you’re all set. You have unlimited storage and the file size limit is 5 GB. If you’re a Business account you have a 1 TB limit overall, but each file caps at 2 GB size limit. If you’re using a Personal account… well, no Box Sync, but it’ll work, but why?
Also, this workflow is dependent upon the built in WebDAV support. Should Box ever remove it, then the Casper shares setup this way will not longer work. Always have a backup plan.
If you setup your own Box shares, let me know how it turns out for you. Did you encounter any problems? While testing it, what were your impressions of the reliability? File transfer speeds? Feel free to share this content anywhere you wish (might I suggest JAMF Nation?) and feel free to contact me if you figure out ways of improving upon this.