-
Notifications
You must be signed in to change notification settings - Fork 138
Client passphrase
If you want to restrict access to your munkireport server, you can add passphrases to CLIENT_PASSPHRASES. If you set these, MunkiReport will only accept client requests that send the correct passphrase.
If you set a passphrase on the server, make sure you set the passphrase on the clients as well.
On the server, add the following string to .env:
CLIENT_PASSPHRASES="mysecretpassphrase, myotherpassphrase"On each client you need to add the passphrase to MunkiReport.plist:
defaults write /Library/Preferences/MunkiReport Passphrase 'mysecretpassphrase'Now when you run /usr/local/munki/postflight on the client, you should see that the update server can be contacted normally.
Munkireport will not set the passphrase on the client through the install script, it would be too easy for someone to get the passphrase that way. So you need to roll your own method of distributing the passphrase (via munki)
You can have only one passphrase per client.
- General Upgrade Procedures
- How to Upgrade Versions
- Troubleshooting Upgrades
- Migrating sqlite to MySQL