lonely written words—are all you’ve got”

—Virginia Shea

“communication happens when I know you know what I know”



The JAMF Software Server (JSS) is the central repository for all Casper Information. It holds:

  • Hardware and software inventory
  • Mac client administration credentials
  • Server credentials
  • Network configurations
  • Management configurations

Passive Management

Surprisingly, though, the JSS does very little of the actual work to manage devices. Casper is designed to distribute all the work for managing a device to the device itself. The JSS never intiates a connection to a client. Instead, the client periodically initiates a connection to the JSS. Each time the client checks in, it reports its JSS ID, its IP address, the time and who’s logged in to the device. It also asks the JSS if it has any tasks to perform and runs those tasks.

If the JSS instructs a Mac to install a software package during the check-in, it provides the machine the credentials to connect to a distribution point and the name of the package to install. The Mac itself initiates the connection to the distribution point, copies the software installer and installs the software. If the JSS requests an updated inventory after the package is installed, the Mac will run the command line equivalent of System Information and upload the results to the JSS.

Address and Port

By default, a self-hosted JSS uses the Apache Tomcat SSL port 8443 for secure communication. It can also use 9006 for unsecured communication.

The address for a self-hosted JSS is https://server.domain.com:8443/.

The address for a JAMF-hosted JSS is https://jss.jamfcloud.com/company/.

SSL requires a certificate for encrypted communication and the JSS includes a built-in Certificate Authority (CA) to sign the SSL server certificate. An administrator can replace the built-in certificate with a third party certificate to eliminate alert messages about unverified certificates. This is a good practice if end-users enroll their own devices into the JSS.