cancel
Showing results for 
Search instead for 
Did you mean: 

Afaria 7 - iOS Client 'Verification failed'

Former Member
0 Kudos

Hi everyone,

I'm trying to connect my iPad to Afaria 7, and I'm receiving a 'Verification failed' message in the Afaria Application.

Even when I try to enroll the device with self-service portal, I received the same message.

I'm using Afaria 7 Appliance.

Thanks in advanced.

Accepted Solutions (0)

Answers (6)

Answers (6)

Former Member
0 Kudos

Florencia,

Are you using debbuger View Application ?

Former Member
0 Kudos

AFARIA ENROLLMENT 406
Problem Solved.

About the issue "406" from Afaria-iOS enrollment.

Basically, you have to be sure you installed the SQL's login user with default language = "english".

Regards
Gian Carlo Vera .

Former Member
0 Kudos

hi Gian and Ximena,

From your screenshot i saw you guys can enroll iOS with http, is it correct?

i'm struggling with http and https.

thank you.

j_raymakers
Participant
0 Kudos

Hi Doan,

I encounter the same problem.

I checked the solution of Gian (database login language) but this is ok @ our side.

Can we solved this issue together, steps to proceed, what is already done so far etc. etc.


Kind regards,

Jacco Raymakers.

Former Member
0 Kudos

Doan, iOS uses both if you want. Generally, the first connection is made via http and the next ones via https. What is the problem you are having?

Regards

Former Member
0 Kudos

Jacco, in my case, the SQL wasn't the problem in the end. What kind of trouble are you having? Show me some logs and maybe I can help you further.

Regards

j_raymakers
Participant
0 Kudos

Hi Ximena Garcia,

We are getting error http://<server>/aips2/aipService.svc/PostData has failed with status 406, when afaria tries to install the profile service. We have a self signed certificate which is OK.

Basically I don't know where I can find logging, or how to troubleshoot?

the Afaria environment are reachable on port 80 http://190.2.50.181/aips, http://190.2.50.181/aips2 and http://190.2.50.181/CertSrv.

Can you help me further?

Steps to proceed.

Thank you very much!


Kind regards,

Jacco Raymakers

D_Olderdissen
Advisor
Advisor
0 Kudos

iOS 5 and higher devices will force a HTTPS connection during the second phase of the enrolment. So when using a self signed cert and a mixed HTTP + HTTPS environment, the iOS connects first on HTTP, finds a cert for that it has no root cert in the keychain, requests from the user if he want's to import it, and then does his HTTPS thing.

So you do need to enable the HTTPS networking for the inbound MDM traffic. If you are only using HTTPS, you will need to either manualy import the root cert of your self signed cert signing entity or you need to use a real cert where the root cert is already on the device.

In order to get some visibility, download the AICU (Apple iPhone Configuration Utility), install it and hook up your iOS device via cable. In AICU select your device and switch to the "Console" tab => voilá you get the device side logs ...

On the Afaria side, look at the Relay Server logs, the RSOE logs, the Afaria logs. Also recommended would be to run debugview.exe (a MS tool, plz google) on the Afaria server.

j_raymakers
Participant
0 Kudos

Dirk,

Thanks for your reply!  I will install the AICU and debugview.exe and see what is going on.

We only using HTTPS and the root cert is already imported from signing entity into afaria server.

Question: Must the common name of the certificate have a certain format like *.company.corp (wildcards) in stead of: afaria.company.corp?  Or does this not jeopardise the enrollment process of iOS devices?

Kind regards,

Jacco Raymakers

D_Olderdissen
Advisor
Advisor
0 Kudos

Yes, the common name in the cert must match and must be resolvable from the iOS device perspective:

The common name must be the box that the iOS device hits first on it's way to the Afaria Server as the iOS MDM interface will run a DNS lookup on the common name inside the cert to make sure the server it is talking to the server in the cert.

That has tripped a bunch of people, particularly when enrolling via WLAN and strange DNS lookup or routing rules. 🙂

j_raymakers
Participant
0 Kudos

Many Thanks Dirk,

The issue is now solved.

The AICU tool was telling us the problem.

In our case the external host was allready signed by another CA and had to stay this way.

Now we have signed another Common Name, which points to the afaria server, hereafter the profile was pushed!

Former Member
0 Kudos

Hi,

I have the same error 406 'host not found' enrolling an iOS device.

Raymakers, can you please give me some more details on how you solved the problem?

What do you entered as Common Name in the IIS Certificate Request?

When you are talking about external host do you mean you entered as Common Name the Public IP Address (or public server name) of the Afaria Server?

IN the following the error reported by AICU tool (the part in Italian is saying that the host specified was not found):

Dec 10 16:15:19 iPad profiled[800] <Notice>: (Note ) MC: Checking for MDM installation...

Dec 10 16:15:19 iPad profiled[800] <Notice>: (Note ) MC: ...finished checking for MDM installation.

Dec 10 16:15:22 iPad profiled[800] <Notice>: (Note ) MC: Enrolling in OTA Profile service...

Dec 10 16:15:22 iPad profiled[800] <Error>: Dec 10 16:15:22  SecTrustEvaluate  [leaf AnchorTrusted]

Dec 10 16:15:28 iPad profiled[800] <Notice>: (Error) MC: Cannot retrieve SCEP identity: NSError:

Desc   : Si  verificato un errore del network.

Sugg   : Impossibile trovare un server con il nome host specificato.

US Desc: A network error has occurred.

Domain : MCSCEPErrorDomain

Code   : 22005

Type   : MCFatalError

...Underlying error:

NSError:

Desc   : Impossibile trovare un server con il nome host specificato.

Domain : NSURLErrorDomain

Code   : -1003

Type   : MCFatalError

Dec 10 16:15:28 iPad profiled[800] <Notice>: (Error) MC: Failure occurred while retrieving profile during OTA Profile Enrollment: NSError:

Desc   : Si  verificato un errore del network.

Sugg   : Impossibile trovare un server con il nome host specificato.

US Desc: A network error has occurred.

Domain : MCSCEPErrorDomain

Code   : 22005

Type   : MCFatalError

...Underlying error:

NSError:

Desc   : Impossibile trovare un server con il nome host specificato.

Domain : NSURLErrorDomain

Code   : -1003

Type   : MCFatalError

Dec 10 16:15:28 iPad profiled[800] <Notice>: (Error) MC: Installation failed. Error: NSError:

Desc   : Installazione profilo non riuscita

Sugg   : Si  verificato un errore del network.

US Desc: Profile Installation Failed

US Sugg: A network error has occurred.

Domain : MCInstallationErrorDomain

Code   : 4001

Type   : MCFatalError

...Underlying error:

NSError:

Desc   : Si  verificato un errore del network.

Sugg   : Impossibile trovare un server con il nome host specificato.

US Desc: A network error has occurred.

Domain : MCSCEPErrorDomain

Code   : 22005

Type   : MCFatalError

...Underlying error:

NSError:

Desc   : Impossibile trovare un server con il nome host specificato.

Domain : NSURLErrorDomain

Code   : -1003

Type   : MCFatalError

Extra info:

{

isPrimary = 1;

}

Dec 10 16:15:34 iPad profiled[800] <Notice>: (Note ) MC: Checking for MDM installation...

Dec 10 16:15:34 iPad profiled[800] <Notice>: (Note ) MC: ...finished checking for MDM installation.

Dec 10 16:15:35 iPad profiled[800] <Notice>: (Note ) MC: Enrolling in OTA Profile service...

Dec 10 16:15:35 iPad profiled[800] <Error>: Dec 10 16:15:35  SecTrustEvaluate  [leaf AnchorTrusted]

Dec 10 16:15:36 iPad profiled[800] <Notice>: (Error) MC: Failure occurred while retrieving profile during OTA Profile Enrollment: NSError:

Desc   : Una transazione con il server a http://194.243.141.81:81/aips2/aipService.svc/PostData non  riuscita e ha causato lo stato 406.

US Desc: A transaction with the server at http://194.243.141.81:81/aips2/aipService.svc/PostData has failed with the status 406.

Domain : MCHTTPTransactionErrorDomain

Code   : 23001

Type   : MCFatalError

Params : (

"http://194.243.141.81:81/aips2/aipService.svc/PostData",

406

)

Dec 10 16:15:36 iPad profiled[800] <Notice>: (Error) MC: Installation failed. Error: NSError:

Desc   : Installazione profilo non riuscita

Sugg   : Una transazione con il server a http://194.243.141.81:81/aips2/aipService.svc/PostData non  riuscita e ha causato lo stato 406.

US Desc: Profile Installation Failed

US Sugg: A transaction with the server at http://194.243.141.81:81/aips2/aipService.svc/PostData has failed with the status 406.

Domain : MCInstallationErrorDomain

Code   : 4001

Type   : MCFatalError

...Underlying error:

NSError:

Desc   : Una transazione con il server a http://194.243.141.81:81/aips2/aipService.svc/PostData non  riuscita e ha causato lo stato 406.

US Desc: A transaction with the server at http://194.243.141.81:81/aips2/aipService.svc/PostData has failed with the status 406.

Domain : MCHTTPTransactionErrorDomain

Code   : 23001

Type   : MCFatalError

Params : (

"http://194.243.141.81:81/aips2/aipService.svc/PostData",

406

)

Extra info:

{

isPrimary = 1;

}

Dec 10 16:15:44 iPad CommCenter[60] <Error>: kDataAttachStatusNotification sent, wasAttached: 1 isAttached: 1

Thanks for your help.

Fabio Giovannetti

j_raymakers
Participant
0 Kudos

Hi Fabio,

The common name must contain the external host of the certificate, or if no relay server is used the internal host name.

And in the configuration of the enrollment server component, field server adress: enter here the common name of the certificate. From your information provided, I see an IP adress (probably internal), but I assume that the common name in certificate is different. So enter in the certificate whether the external host name in case of relay server , or the internal host name in case no relay server is used and enter this value in the server adress field of the enrollment server component.

Kind regards,

Jacco Raymakers

Former Member
0 Kudos

Hi Jacco,

thanks for yor reply.I passed the previous error but know, when I try to enroll my Ipad in the Ipad Console Log I have the following:

Dec 12 14:27:44 iPad profiled[1352] <Notice>: (Note ) MC: Issued certificate received.

Dec 12 14:28:44 iPad profiled[1352] <Notice>: (Error) MC: Connection to https://194.243.141.81:443/aips2/aipService.svc/TokenCheckin failed with error: NSError:

Desc   : Tempo di richiesta scaduto.(TIMEOUT)

Domain : NSURLErrorDomain

Code   : -1001

Type   : MCFatalError

Dec 12 14:28:44 iPad profiled[1352] <Notice>: (Error) MDM: Cannot Authenticate. Error: NSError:

My environment is as follows:

I have the customer relay server which bridges external request (194.243.141.81 is the public ip address) from devices (like IPad) to Afaria Server.

So, following the error above we had to enable port 443, on the WebListener on our ISA Server (which is a Forefront/TMG).

The WbListener asks to add a certificate when enabling port 443 and https.

My question is: what is the certificate I have to use?

We tried to immport the .pfx APNS certificate, but It's not shown as a valide certificate for the WebListener (the security team say it is a client certificate not a server one).

Can anybody help me with this problem?

Best regards

Fabio

j_raymakers
Participant
0 Kudos

Hi Fabio,

I had probably the same isssue.

On your isa server what are the certificate details then used on port 443?

I mean common name, city etc?

Probably not equals to 194.243.141.81? because this IP I see in the logging?

Please reply.

Kind regards,

Jacco Raymakers

Former Member
0 Kudos

Hi Jacco,

common name is 194.243.141.81 in the certificate

I managed to link the SSL certificate to the WebListener,but  now the problem is that on ISA Server

port 443 for https is already in use, so my security team assigned port 8443.

My problem is now: how can I force IPAD to use port 8443 instead of 443 in the second step of enrollment (I mean , in the first part only http is used and it runs smoothly, but then

https://194.243.141.81:443/aips2/aipService.svc/TokenCheckin is called and I don't know how to

change the port from 443 to 8443.

Can someone help?

Regards

Fabio

j_raymakers
Participant
0 Kudos

Hi Fabio,

Sorry for the delay, but I was not triggered via email.

As far as I can judge the port is entered during installation.

So you have to rerun your iphone server installation again.

In the setup of your iphone server enter port 8443 instead.


Kind regards,

Jacco Raymakers.

Former Member
0 Kudos

Hi Jacco,

thanks for the reply.

I solved the problem in a different way:the security team assigned a new public IP address to use with ISA Server, so that I could choose port 443 for https.

Thanks again for your help.

Regards

Fabio

Former Member
0 Kudos

No i didnt yet.

Former Member
0 Kudos

Hi, we are now trying to install Afaria 7 outside the appliance. We're getting the following:

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: postToURL:"http://190.2.50.181:80/aips/aipService.svc/ClientData"

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: postToURL:[B]

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: postToURL:[C]

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: startPost

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: retryAfterAuthorizationFailure[A]

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: retryAfterAuthorizationFailure[E]

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: retryAfterAuthorizationFailure[F]

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: resumeWithCredentials[A]

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: resumeWithCredentials[E]

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: startPost

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: HTTP/1.1 406 Not Acceptable

Aug 24 17:52:13 iPad Afaria[2732] <Warning>: setStatusLine:"Se produjo un error en la conexi-n-.-"

Any idea what could it be causing it? We've followed the installation guide.

Thanks in advance.

Former Member
0 Kudos

Im having the same issue,

Aug 24 18:03:35 iPad Afaria[135] <Warning>: connection:didReceiveResponse: http 200

Aug 24 18:03:35 iPad Afaria[135] <Warning>: HomeViewController enrollmentRecordRequiredDataPutEndedWith [156] and http:200

Aug 24 18:03:35 iPad Afaria[135] <Warning>: doConnect:

Aug 24 18:03:35 iPad Afaria[135] <Warning>: [AfariaAppDelegate.isClientDisabled 0]

Aug 24 18:03:35 iPad Afaria[135] <Warning>: [AfariaAppDelegate.isClientDisabled 0]

Aug 24 18:03:35 iPad Afaria[135] <Warning>: [AfariaAppDelegate.isClientDisabled 0]

Aug 24 18:03:35 iPad Afaria[135] <Warning>: [HomeViewController.doConnect - resetenrollment_preference 0]

Aug 24 18:03:35 iPad Afaria[135] <Warning>: [HomeViewController cancelPost]

Aug 24 18:03:35 iPad Afaria[135] <Warning>: setStatusLine:"Verificando el estado del dispositivo..."

Aug 24 18:03:35 iPad Afaria[135] <Warning>: postToURL:"http://10.251.0.131:50000/ias_relay_server/client/rs_client.dll/afariaenrollmentserver/aips/aipServi..."

Aug 24 18:03:35 iPad Afaria[135] <Warning>: postToURL:[C]

Aug 24 18:03:35 iPad Afaria[135] <Warning>: startPost

Aug 24 18:03:36 iPad Afaria[135] <Warning>: HTTP/1.1 406 Not Acceptable

Aug 24 18:03:36 iPad Afaria[135] <Warning>: setStatusLine:"Se produjo un error en la conexi-n-.-"

Former Member
0 Kudos

Did you find a solution for this? We're stuck and need to figured it out soon

Former Member
0 Kudos

No, i didnt yet. But we are working on this problem.

Do you have a email ?

shival_tailor
Participant
0 Kudos

Hi Florencia,

Have you had this particular device enrolled before? If yes, delete the previous device entry and try again. One of the possible reasons, in case of duplicate entries and conflicting UDIDs you get this message.

Best Regards,

Shival

Former Member
0 Kudos

Is the first time I enroll the device so I believe duplicated UDIDs is not the problem.

D_Olderdissen
Advisor
Advisor
0 Kudos

Did you check the error messages in the iCU console? There is a lot that can go wrong and up to now, you did not disclose a lot of detail on what you did, how you did it and error details.

Keep in mind that iOS5 does require a valid HTTPS certificate on the first server it hits. Or you import the signing cert into the keychain. Where this HTTPS cert is needed, depends on your setup, but you did not talk about this yet.

And, it usually helps to kick the Safari browser from memory and to reset the Afaria client states in the client configuration.

Former Member
0 Kudos

Hi, what we are getting right now, is a problem in the Profile instalation. Is an error stating that the conection failed when trying to comunicate with the ../aips/aipService.svc/PostData . I don't have the logs right now, but have someone experience a similar problem?
I'll post the logs later.

Thanks in advance.

Former Member
0 Kudos

This are the logs:

Aug 17 15:50:44 iPad profiled[415] <Notice>: (Note ) profiled: Service starting...

Aug 17 15:50:44 iPad profiled[415] <Notice>: (Note ) MC: Profile -S-y-b-a-s-e -- -i-A-n-y-w-h-e-r-e -q-u-e-u-e-d -f-o-r -i-n-s-t-a-l-l-a-t-i-o-n-.

Aug 17 15:50:51 iPad profiled[415] <Notice>: (Note ) MC: Checking for MDM installation...

Aug 17 15:50:51 iPad profiled[415] <Notice>: (Note ) MC: ...finished checking for MDM installation.

Aug 17 15:50:53 iPad profiled[415] <Notice>: (Note ) MC: Enrolling in OTA Profile service...

Aug 17 15:51:01 iPad profiled[415] <Notice>: (Error) MC: Cannot retrieve SCEP identity: NSError:

Desc   : Se ha producido un error de red.

Sugg   : No se ha encontrado ning-n -s-e-r-v-i-d-o-r -c-o-n -e-l -n-o-m-b-r-e -d-e -h-o-s-t -e-s-p-e-c-i-f-i-c-a-d-o-.^J-U-S -D-e-s-c-: -A -n-e-t-w-o-r-k -e-r-r-o-r -h-a-s -o-c-c-u-r-r-e-d-.^J-D-o-m-a-i-n -: -M-C-S-C-E-P-E-r-r-o-r-D-o-m-a-i-n^J-C-o-d-e   -: -2-2-0-0-5^J-T-y-p-e   -: -M-C-F-a-t-a-l-E-r-r-o-r^J-.-.-.-U-n-d-e-r-l-y-i-n-g -e-r-r-o-r-:^J-N-S-E-r-r-o-r-:^J-D-e-s-c   -: -N-o -s-e -h-a -e-n-c-o-n-t-r-a-d-o -n-i-n-g-n -s-e-r-v-i-d-o-r -c-o-n -e-l -n-o-m-b-r-e -d-e -h-o-s-t -e-s-p-e-c-i-f-i-c-a-d-o-.^J-D-o-m-a-i-n -: -N-S-U-R-L-E-r-r-o-r-D-o-m-a-i-n^J-C-o-d-e   -: ---1-0-0-3^J-T-y-p-e   -: -M-C-F-a-t-a-l-E-r-r-o-r

Aug 17 15:51:01 iPad profiled[415] <Notice>: (Error) MC: Failure occurred while retrieving profile during OTA Profile Enrollment: NSError:

Desc   : Se ha producido un error de red.

Sugg   : No se ha encontrado ning-n -s-e-r-v-i-d-o-r -c-o-n -e-l -n-o-m-b-r-e -d-e -h-o-s-t -e-s-p-e-c-i-f-i-c-a-d-o-.^J-U-S -D-e-s-c-: -A -n-e-t-w-o-r-k -e-r-r-o-r -h-a-s -o-c-c-u-r-r-e-d-.^J-D-o-m-a-i-n -: -M-C-S-C-E-P-E-r-r-o-r-D-o-m-a-i-n^J-C-o-d-e   -: -2-2-0-0-5^J-T-y-p-e   -: -M-C-F-a-t-a-l-E-r-r-o-r^J-.-.-.-U-n-d-e-r-l-y-i-n-g -e-r-r-o-r-:^J-N-S-E-r-r-o-r-:^J-D-e-s-c   -: -N-o -s-e -h-a -e-n-c-o-n-t-r-a-d-o -n-i-n-g-n -s-e-r-v-i-d-o-r -c-o-n -e-l -n-o-m-b-r-e -d-e -h-o-s-t -e-s-p-e-c-i-f-i-c-a-d-o-.^J-D-o-m-a-i-n -: -N-S-U-R-L-E-r-r-o-r-D-o-m-a-i-n^J-C-o-d-e   -: ---1-0-0-3^J-T-y-p-e   -: -M-C-F-a-t-a-l-E-r-r-o-r

Aug 17 15:51:22 iPad profiled[415] <Notice>: (Note ) MC: Checking for MDM installation...

Aug 17 15:51:22 iPad profiled[415] <Notice>: (Note ) MC: ...finished checking for MDM installation.

Aug 17 15:51:24 iPad profiled[415] <Notice>: (Note ) MC: Enrolling in OTA Profile service...

Aug 17 15:51:24 iPad profiled[415] <Notice>: (Error) MC: Failure occurred while retrieving profile during OTA Profile Enrollment: NSError:

Desc   : Error al llevar a cabo una transacci-n -c-o-n -e-l -s-e-r-v-i-d-o-r -h-t-t-p-:-/-/-1-9-0-.-2-.-5-0-.-1-8-1-/-a-i-p-s-/-a-i-p-S-e-r-v-i-c-e-.-s-v-c-/-P-o-s-t-D-a-t-a-. -E-s-t-a-d-o-: -4-0-6-.^J-U-S -D-e-s-c-: -A -t-r-a-n-s-a-c-t-i-o-n -w-i-t-h -t-h-e -s-e-r-v-e-r -a-t -h-t-t-p-:-/-/-1-9-0-.-2-.-5-0-.-1-8-1-/-a-i-p-s-/-a-i-p-S-e-r-v-i-c-e-.-s-v-c-/-P-o-s-t-D-a-t-a -h-a-s -f-a-i-l-e-d -w-i-t-h -t-h-e -s-t-a-t-u-s -4-0-6-.^J-D-o-m-a-i-n -: -M-C-H-T-T-P-T-r-a-n-s-a-c-t-i-o-n-E-r-r-o-r-D-o-m-a-i-n^J-C-o-d-e   -: -2-3-0-0-1^J-T-y-p-e   -: -M-C-F-a-t-a-l-E-r-r-o-r^J-P-a-r-a-m-s -: -(^J    -"-h-t-t-p-:-/-/-1-9-0-.-2-.-5-0-.-1-8-1-/-a-i-p-s-/-a-i-p-S-e-r-v-i-c-e-.-s-v-c-/-P-o-s-t-D-a-t-a-"-,^J    -4-0-6^J-)

Aug 17 15:52:25 iPad profiled[415] <Notice>: (Note ) profiled: Idled.

Aug 17 15:52:25 iPad profiled[415] <Notice>: (Note ) profiled: Service stopping.

shival_tailor
Participant
0 Kudos

Hi Ximena,

Did you check KB 8099? Here is the direct link.

Click here

Following is the solution copied from the above link:

SOLUTION:
Network Device Enrollment Services installation may need to be refreshed. This can be done by going to Server Manager > Roles > Active Directory Certificate Services and Remote the Role Services fore Network Device Enrollment Services and then re-add it following a Reboot.

Following the reinstall of Network Device Enrollment Services, it may be required to check the following:

HKLM\Software\Microsoft\Cryptography\MSCEP\EnforcePassword\EnforcePassword DWORD = 0
The default entry for this key is "1", and must be changed to "0" for the Afaria iPhone provisioning process.

Hope the above helps.

Regards,

Shival

Former Member
0 Kudos

Hey, thank you for the rapid response. We tried it but we're still getting the same error. Is there any way that we can see wich host it's trying to reach ?

Thank you.

shival_tailor
Participant
0 Kudos

Did you reboot the server as mentioned in the KB?

Former Member
0 Kudos

Yes, we did. But we keep receiving  :

Ipad profiled[415] <Notice>: (Error) MC: Failure occurred while retrieving profile during OTA Profile Enrollment: NSError:

Former Member
0 Kudos

Hi Ximena,

Your problem seems to be pointed in the Enrollment Server of the Afaria environment. Check your settings in de configuration component "Enrollment Server" and make sure that the settings of this Enrollment Server and Certificate Authority are correct.

Secondly, make sure that from your device the following virtual directories of the Afaria environment are reachable on port 80 and 443: http://190.2.50.181/aips, http://190.2.50.181/aips2 and http://190.2.50.181/CertSrv. Those are needed to enroll your iOS device.

Best regards.

Joost Weghorst

Former Member
0 Kudos

Hi, all those adresses are reachable from the device. We manage to get a different error, something concerning the Profile it self. We are trying to regenerate the certificate right now.

Thanks to all of you!

shival_tailor
Participant
0 Kudos

Hi Ximena,

It seems you may have passed the original error that was in question. For the community reader's reference and considering the effort that have been put in responding to your issue, could you post here what was the solution that worked in getting through your following error?

Ipad profiled[415] <Notice>: (Error) MC: Failure occurred while retrieving profile during OTA Profile Enrollment: NSError:

Regards,

Shival

Former Member
0 Kudos

Actually the KB 8099 did resolve that issue in particular.

We manage to finally install the profile in the device.

Thank you very much for all your help.

Regards

D_Olderdissen
Advisor
Advisor
0 Kudos

This could be anything and nothing. You will need to look for more detailed error messages.

If this fails right after you are entering the short url config code into the Afaria client, the code may be incorrect. Make sure the EUSSP knows about this code.

Also get the Apple Iphone Configuration Utility (iCU), install it and hook your iOS device up with a cable. Then try to re-enroll. Switch in the iCU to the console tab. You will then see the iOS console output and more detailed error messages that will help you determine what is wrong.

Former Member
0 Kudos

I think there is something wrong in the HTTPS communication but I not sure.

There is no possibility that the code is wrong because I'm obtaining it from Self Service Portal. I've tried with TinyURl and Google codes, but the result is the same.