Hi all,
I have a tenant in my Afaria server(Afaria 7, SP4, hf3) that I want integrate with Active Directory for iOs devices.
I follow this steps:
- I configure the Active Directory parameters (Server->security->Active Directory)
- I re-install de iphoneserver component with "Afaria server managed authentication" option.-
- I create a enrollment policy
When I launch the Afaria agent on the device and enter the enrollment code (Tiny), I receive a message of incorrect enrollment code.
If I reinstall again the iphoneserver without "Use authentication" and try to enroll with the same code, It works and the the device is enrolled (obviously without request credentials).
I don't know why, but when install the iphone server with "use autentication", the iOS enrolmet fails.
The ICU logs are:
- When It fails
May 16 17:46:16 iPad Afaria-SAP[145] <Warning>: [AipsController enrollmentCodeDidFinishWith:]
May 16 17:46:16 iPad Afaria-SAP[145] <Warning>: [AipsController enrollmentCodeDidParse:]
May 16 17:46:16 iPad Afaria-SAP[145] <Warning>: shortenrollmenturl_preference: https://TinyURL.com/XXXXXXXX
May 16 17:46:16 iPad Afaria-SAP[145] <Warning>: [AipsController doEnrollmentSeedDownload]
May 16 17:46:16 iPad Afaria-SAP[145] <Warning>: [AfariaAppDelegate netUser:0x80 busy:1]
May 16 17:46:18 iPad CommCenter[44] <Notice>: com.apple.CommCenter.Prox - Declared system activity to prevent sleep
May 16 17:46:18 iPad Afaria-SAP[145] <Warning>: [AfariaAppDelegate canAuthenticateAgainstProtectionSpace] NSURLAuthenticationMethodServerTrust
May 16 17:46:18 iPad Afaria-SAP[145] <Warning>: [EnrollmentCodeSeedDataDownloader connection:didReceiveAuthenticationChallenge] NSURLAuthenticationMethodServerTrust 0
May 16 17:46:18 iPad Afaria-SAP[145] <Warning>: [AfariaAppDelegate connection:didReceiveAuthenticationChallenge] NSURLAuthenticationMethodServerTrust 0
May 16 17:46:18 iPad Afaria-SAP[145] <Warning>: _serverTrustResolvedWithSuccess, success = 1
May 16 17:46:18 iPad Afaria-SAP[145] <Warning>: resolve NSURLAuthenticationMethodServerTrust -> <NSURLCredential: 0x2b01f0>: (null)
May 16 17:46:18 iPad Afaria-SAP[145] <Warning>: Cert for host tinyurl.com trusted
May 16 17:46:20 iPad Afaria-SAP[145] <Warning>: httpResponse.allHeaderField Dictionary: {
"Cache-Control" = "no-cache";
Connection = "keep-alive";
"Content-Encoding" = gzip;
"Content-Length" = 913;
"Content-Type" = "text/html";
Pragma = "no-cache";
}
May 16 17:46:20 iPad Afaria-SAP[145] <Warning>: connection:didReceiveResponse: http 403
-When It works
May 16 18:38:04 iPad Afaria-SAP[145] <Warning>: [AipsController enrollmentCodeDidFinishWith:]
May 16 18:38:04 iPad Afaria-SAP[145] <Warning>: [AipsController enrollmentCodeDidParse:]
May 16 18:38:04 iPad Afaria-SAP[145] <Warning>: shortenrollmenturl_preference: https://TinyURL.com/XXXXX
May 16 18:38:04 iPad Afaria-SAP[145] <Warning>: [AipsController doEnrollmentSeedDownload]
May 16 18:38:04 iPad Afaria-SAP[145] <Warning>: [AfariaAppDelegate netUser:0x80 busy:1]
May 16 18:38:07 iPad CommCenter[44] <Notice>: com.apple.CommCenter.Prox - Declared system activity to prevent sleep
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: httpResponse.allHeaderField Dictionary: {
"Cache-Control" = private;
Connection = "keep-alive";
"Content-Length" = 1467;
"Content-Type" = "aips/plist+xml";
Date = "Fri, 16 May 2014 16:38:06 GMT";
Server = "Microsoft-IIS/7.5, Microsoft-IIS/7.5";
"X-AspNet-Version" = "4.0.30319";
"X-Powered-By" = "ASP.NET, ASP.NET";
}
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: connection:didReceiveResponse: http 200
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: [AfariaAppDelegate netUser:0x80 busy:0]
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: [AipsController enrollmentCodeSeedDidLoadWith:]
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: AipsController enrollmentCodeSeedDataDidLoadWith [1467] and http:200
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: [EnrollmentProfile parse]
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: Unexpected element name: "UseIdentityCertificate"
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: Unexpected element name: "iOSAndroidEnrollmentUri"
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: >>> EnrollmentProfile <<<
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: PolicyID: {c049cf0c-d680-4d16-be74-c6a79b8720f6}
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: >>> EnrollmentConfigurationParameters <<<
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: ServerAddress: XXXXXXX
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: ServerPort: 80
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: ServerProtocol: http
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: ServerVirtualDirectory: aips
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: EnrollmentVirtualDirectory: aips
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: RelayServerPath: /ias_relay_server/client/rs_client.dll/%cid%
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: RelayServerFarmID: PSserverDes
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: homeSeedingParmameters: s=mobiadmd.interhesa.es;p=80;h=http;v=aips;e=aips;c=PSserverDes;r=/ias_relay_server/client/rs_client.dll/%cid%
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: UserPrompts:[0]
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: Groups:[1]
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: >>> EnrollmentGroup <<<
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: Name: 25
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: MDMEnroll: present and empty
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: >>> EnrollmentAfariaSeed <<<
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: NamingOption: 1
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: ConnectAfterInstall: 1
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: AutoApprove: 1
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: MbdType: 2
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: MbdDnv:
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: MbdPrefix:
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: MbdPromptVar: (null)
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: Domain:
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: IOSAccessPolicy: 130
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: TenantID: i!p8f:1
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: RelayServerPrefix: /ias_relay_server/client/rs_client.dll
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: RelayServerFarmID: FARMIDDes
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: ServerIP: (null)
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: SSPTitle:
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: SSPDescription:
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: SSPURL:
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: EnableCompromised: 0
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: [AipsController parseSeedDataDidSucceed]
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: [AipsController jailbroken]
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: [doDelayedEnrollment]
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: [AfariaAppDelegate netUser:0x80 busy:0]
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: UIDevice.getUDID > 1e1e0f7dd6ca026675486a815c16c78785132e68
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: UIDevice.getUDID > 1e1e0f7dd6ca026675486a815c16c78785132e68
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: [AipsController enrollmentUserPromptsDidFinishWith:]
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: EnrollmentRecordRequiredDataPut > http://XXXXXXXXXX:80/ias_relay_server/client/rs_client.dll/PSserverDes/aips/aipService.svc/EnrollmentRecord?ID={c049cf0c-d680-4d16-be74-c6a79b8720f6}&ClientType=-8
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: EnrollmentRecordRequiredDataPut >> http://XXXXXXXXXX:80/ias_relay_server/client/rs_client.dll/PSserverDes/aips/aipService.svc/EnrollmentRecord?ID=%7Bc049cf0c-d680-4d16-be74-c6a79b8720f6%7D&ClientType=-8
May 16 18:38:09 iPad Afaria-SAP[145] <Warning>: [AfariaAppDelegate netUser:0x80 busy:1]
May 16 18:38:10 iPad Afaria-SAP[145] <Warning>: httpResponse.allHeaderField Dictionary: {
"Cache-Control" = private;
Connection = "keep-alive";
"Content-Length" = 514;
"Content-Type" = "aips/plist+xml";
Date = "Fri, 16 May 2014 16:38:07 GMT";
Server = "Microsoft-IIS/7.5, Microsoft-IIS/7.5";
"X-AspNet-Version" = "4.0.30319";
"X-Powered-By" = "ASP.NET, ASP.NET";
}
Could you please help to solve this problem?
Thanks in advance.