cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

AFARIA iOS 7.0.2 device enrollment

Fabricio
Explorer

on ‎10-14-2013 4:04 AM

0 Kudos

Hi,

I have an AFARIA 7 SP3 Server (all hot fixes applied) and we want enroll devices iOS 7.0.2.

We configured the CA Stand-alone/SCEP, Server configuration with Apple Certificates, policy, group.

The process is executed by SelfServicePortal.

When users try to enroll an iPad with iOS 7.0.2 the enrollment process works fine until Profile Service installation. In the device at this point, the service profile is showed with status "verified", but when user click to continue the installation process, a message appears,"Profile installation failed, invalid profile".

The device is registered in AFARIA server, but how we cannot install profile we cannot do anything more.

If someone already worked in this scenario or had the same trouble, we will appreciate very much some help.

Thanks

Fabricio

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎10-15-2013 12:39 PM
0 Kudos

Hi,

Follow the below step

1. SP03 Hotfix 6 and then Hotfix7.

2. check all the ports are open for apple 2195 and 2196

3. SSL certificate import properly at the time of iphone server installation

4. use iphone configuration utility to get the device log

Show replies
Show replies
former_member10452
Employee
Employee
‎10-14-2013 1:25 PM
0 Kudos

Hi Fabricio,

If other version of iOS devices are working fine then you need to install SP03 Hotfix 6 and then Hotfix7.

If other versions of iOS devices also giving the same error then it looks like more related to configuration issues. If your device is hitting Afaria server difrectly then during installation of enrollment server, you need to select Afaria Server's certificate and make sure it's CA is also installed on the server or if it's going through relay server then please select relay servers cert during enrollment server (for this you would need to import relay server cert in your mmc --> certificates --> computer certs --> Personal certs).

Make sure cert is issued to FQDN (fully qualified domain name) of your server i.e. if your device hits to http(s)://<server.domain.com>:<port>/* then cert should be issued to server.domain.com.

Regards,

Abhishek Joshi

Show replies
Show replies
Fabricio
Explorer
‎10-14-2013 3:39 PM
0 Kudos

Hi

We are not using relay for while, but testing in another device with iOS 6 the message is more specific and we have error 406, when try to call url of service aips2

I will investigate more but I saw that can be something about certificate

Knowledgebase Article ID #8831

Thanks in advance and if I have news I will write here

Regards

Fabricio

vobu
Active Contributor
‎10-15-2013 8:22 AM
0 Kudos

You can also try to hook up the iOS device to a PC or Mac with the iPhone Configuration Utility installed. It is available for both Win (http://support.apple.com/kb/DL1466) and OS X (http://support.apple.com/kb/DL1465). This allows you to view the log on the iOS device and might reveal more about the cause of the profile install error.

In case you're running you own CA issuing and signing certificates, make sure that the CA's root certificate is installed on the iOS device.

hth, v.

Ask a Question