iOS DEP enrollment may fail when updating the trusted anchor certificates used to trust the SSL connection to the MDM server
Article ID: CTX219681
Updated On:
Description
After you enable iOS bulk enrollment, the upgrade of the trusted anchor certificates may cause the iOS DEP enrollment or re-enrollment failure. The issue may occur when you change from a self-signed certificate to a public certificate, purchase a certificate from a new provider, or move to an internal corporate CA. The issue does not affect existing enrolled iOS DEP devices.
Resolution
As a work around, do the following:
1. In the XenMobile console, click Settings > iOS Bulk Enrollment.
2. Under DEP Configuration, next to Allow Device Enrollment Program (DEP), click NO and then click Save. Wait for few seconds. This step removes the previous DEP profile from DEP devices on the Apple DEP portal.
3. Click Manage > Devices. Check that no DEP registered device appears in the column DEP registered.
4. Click Settings > iOS Bulk Enrollment again.
5. Under DEP Configuration, next to Allow Device Enrollment Program (DEP), click YES and then click Save. Wait for a few seconds. This step will force the adding of a new profile to all DEP devices.
6. Click Test Connection to ensure that the connection between the XenMobile server and the Apple DEP servers is still functioning.
7. Click Manage > Devices again. Check that all of the DEP devices are newly registered in the column DEP registered.
1. In the XenMobile console, click Settings > iOS Bulk Enrollment.
2. Under DEP Configuration, next to Allow Device Enrollment Program (DEP), click NO and then click Save. Wait for few seconds. This step removes the previous DEP profile from DEP devices on the Apple DEP portal.
3. Click Manage > Devices. Check that no DEP registered device appears in the column DEP registered.
4. Click Settings > iOS Bulk Enrollment again.
5. Under DEP Configuration, next to Allow Device Enrollment Program (DEP), click YES and then click Save. Wait for a few seconds. This step will force the adding of a new profile to all DEP devices.
6. Click Test Connection to ensure that the connection between the XenMobile server and the Apple DEP servers is still functioning.
7. Click Manage > Devices again. Check that all of the DEP devices are newly registered in the column DEP registered.
Problem Cause
Upgrading the trusted anchor certificates after enabling iOS bulk enrollment.Additional Information
For more information about Apple DEP, see Bulk enrollment of iOS devices.
Was this article helpful?
Yes
No
Powered by
