Azure

blackholemac
Valued Contributor III

I'll preface by noting that there is a feature request on adding Azure as a formal cloud-based distribution point to the JSS. The feature request is here: [https://www.jamf.com/jamf-nation/feature-requests/2083/microsoft-azure-support-for-cloud-distributions-points](link URL)

Please feel free to vote up as a lot of orgs have access to Azure fairly cheaply. I've already had everyone I know personally vote up. More are welcome to.

I'm not here primarily to solicit vote-ups though. I've decided to "bull forward" and try to bend Azure to our JSS as it is now without changes. Primarily I need an off-campus distribution point and this fits the bill seemingly well and cheaply.

Has anyone tried spinning up an Azure server, enabling SMB services on port 445, adding said server as a File share distribution point to the JSS and configuring policies/network segments appropriately to only make use of Azure when you are wanting to get small-file policies out to machines off-campus or maybe one large policy out to someone at a conference off campus?

I would be interested to hear any stories on the subject...even "don't do it stories". Being that Azure is our secondary DP, I have zero problems spinning it back down if convinced it's a dumb thing to do, but I am really hoping to make a go of this idea. I had actually debating spinning up an Ubuntu Linux instance in Azure and using a JDS, but backed out of that idea for various reasons...I'll try simple file shares for now. I have tested it now and it seems to work...

Kind regards,
blackholemac

4 REPLIES 4

Taylor_Armstron
Valued Contributor

No experience, but VERY interested.... and I'll be up-voting the Feature Request too.
We need to do some testing to see if it would be worthwhile bandwidth-wise, but we've already been tossing around the idea for some of our more remote WAN connections.

blackholemac
Valued Contributor III

@Taylor.Armstrong That is my chief concern at the moment. The dead storage costs are minimal...the ongoing bandwidth costs are what I worry about. I have set the default DP to always be the internal but to failover to the Azure and have set the network segments to always default to internal and I have set the scoping of all large file policies to limit to internal only...I'm hoping I'm not missing anything...the goal is only small stupid easy packages can come from Azure or only policies we specifically want to run from it to help a remote user in a pinch.

JS_WWU
New Contributor III

Would also appreciate this functionality!

swapple
Contributor III

about to attempt this. Any tips would be appreciated!!