Jamf Nation Community

perryd · ‎12-02-2019

Hi,

I'm trying to distribute a config profile for wifi with a cert but it just sits at pending.

If i remove the cert payload the config profile goes to the machines instantly bu then i just have a wifi profile with no authentication. The same issue happens if i have the SCEP payload turned on it just sits at pending but if i delete the SCEP details from the config profile it goes through but again just adds a wifi network with no way of connecting.

If i download the profile and try to run it manually i get an error saying "could not open profile. There was an error opening "MY PROFILE NAME" contact your network admin."

Has anyone else come across this problem?

gurduv · ‎03-09-2020

Did you solve the issue? I'm experiencing the same behaviour on my jamf server.

perryd · ‎03-10-2020

It turned out to be an issue with the certificate on our NDES server that was hosting our SCEP proxy. Once this was updated the config profile installed instantly and is now working perfectly with our Macs now being unbound from AD.

benniecaruso · ‎03-10-2020

@perryd We've been working on getting 802.1x certs deployed through Jamf for the past couple of months without success.

I'm receiving the following error under failed Management Commands:
Unable to retrieve AD CS certificate for profile payload.

Definitely reads like a server-side error. Is it possible the issue you were experiencing on your server could also be a roadblock for others or was it something rather obscure?

perryd · ‎03-11-2020

I've had the "Unable to retrieve AD CS certificate for profile payload" when AD is not bound or not able to communicate. A rebind fixed that for me or ensuring it was on a domain network.

Our SCEP issue was kinda obscure it was a combination of certificates not updating and some test certs messing things up.

Jamf Nation Community

config profiles stuck at pending if i add a cert or SCEP