Getting Error When Setting up PreStage Enrollment for Computers

ehendricks
New Contributor III

I already have a PreStage enrollment for iPads and have been managing them, but now want to add Macs. They appear in the DEP list in JAMF, but when creating a PreStage enrollment, I get this error message: "Unable to contact https://mdmenrollment.apple.com about a new PreStage enrollment or changes to an existing PreStage enrollment." I tried refreshing the .p7m and .pem token files on Apple DEP and JAMF, but no luck. Any suggestions as to why this isn't working? Thanks!

8 REPLIES 8

spraguga
Contributor

Is the server's time off? You can check this thread as well:

https://jamfnation.jamfsoftware.com/discussion.html?id=10084

mpermann
Valued Contributor II

@ehendricks, we had the same problem as you. It's apparently a known defect. My TAM gave me a work around that cleared up the error message. We had the "Make MDM Profile Mandatory" option ticked for obvious reasons. What cleared the error was to edit the enrollment and un check that option then save the enrollment. Then we edited the profile once more and re-checked the "Make MDM Profile Mandatory" and saved it. The error message was cleared and we were again able to add new devices to the enrollment profile. I hope this works for you as well. My TAM indicated this bug is planned to be fixed in 9.4.1. We're using 9.3.1 by the way.

ehendricks
New Contributor III

Thanks, @mpermann. I will try the solution you mentioned and let you know how it goes!

Aubreyandre
New Contributor

I have the same error message and took your advice and after refreshing, turned off "Make MDM Profile Mandatory" and saved it. This was unsuccessful. Any other tips or suggestions? @ehendricks @mpermann

mpermann
Valued Contributor II

@Aubreyandre, before toggling the "Make MDM Profile Mandatory" option I did do the following steps as directed by my TAM.

1. Click Gear icon then Global Management then Device Enrollment Program. 2. Click Public Key button to download the public key. 3. Log into https://deploy.apple.com/ and click Manage Servers then click on our MDM and then click the replace public key link. 4. Upload the new public key. 5. Generate and download new token. 6. Edit our existing DEP and upload the newly generated token. 7. Restart Tomcat on server

You might want to create a case with your TAM about this. This is a known issue by the way according to my TAM that they are actively working on fixing in a future release.

Aubreyandre
New Contributor

@mpermann Thank you. I followed those steps and contacted my TAM but have not had any result as of yet. We restarted tomcat and the JSS. Looking for another solution, or will repeat the above again.

smith_kyle
New Contributor III
Is the server's time off?

+1 to this - server was off by 6 minutes and that fixed it up.

ipsict
New Contributor

My JSS server time was off by 7 mins also, and fixing that solved the "Problem contacting Apple services" error when attempting the upload of our Apple DEP token to our JSS.