+7Just discovered since upgrading to 9.01 that my mobile OTA URL enrollment does not work.
Error is:
Access Denied
This invitation is not valid
Invitation? I didn't think OTA URL enrollment used an invitation?
I checked the settings for my User-Initiated Enrollment for Mobile Devices and my option is still checkmarked to allow enrollment without an invitation...soooo what gives?
Best answer by cgordy
solved.
The generic user account that we use for URL OTA enrollment needed additional permissions.
Not sure why, but previously on the account, the only items checkmarked were for:
Computer Enrollment Invitations - CREATE
Mobile Devices - CREATE
Shooting in the dark, I gave all permissions to that account for
Computer Enrollment Invitations
Mobile Devices
Enrollment Profiles
That fixed it.
I probably did some overkill, but in the heat of the moment trying to enroll some important devices, I can work until I figure out which permission fixed it.
+7solved.
The generic user account that we use for URL OTA enrollment needed additional permissions.
Not sure why, but previously on the account, the only items checkmarked were for:
Computer Enrollment Invitations - CREATE
Mobile Devices - CREATE
Shooting in the dark, I gave all permissions to that account for
Computer Enrollment Invitations
Mobile Devices
Enrollment Profiles
That fixed it.
I probably did some overkill, but in the heat of the moment trying to enroll some important devices, I can work until I figure out which permission fixed it.
+12I ran into the same situation. If I go back to see what minimal rights are need I'll post here. At this point it's not high on the list though.
+1My guess is that you only need 1 extra permission turned on in mobile devices - i turned them all on, and it allowed me to log in. I wasn't able to experiment to find out which ones weren't necessary.
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.