HTTP Status 403 - Forbidden

Jack99
New Contributor

Hi all,

 

Looking for if anyone has had this issue in the past and how it was resolved if so.

 

This week I updated our Jamf Pro Instance to 10.43.1 and have been having issues with enrolment ever since. It's worth noting our environment is hosted On-Prem and in an air-gapped network so has no access to the internet whatsoever.

 

If I try and enrol a new device via User Initiated Enrolment and access the enrolment URL, I am greeted with the login window as normal. Any LDAP user is allowed to enrol devices. The initial stages of the process work as normal, until the final stage where the 'Download and Install this package' message is displayed. If I am trying to enrol with a standard LDAP user account, when pressing the 'Download' button I am redirect to '<Enrolment URL>//flatpackagedownload and a message is displayed 'HTTP Status 403 - Forbidden' and I can't go any further. The stranger part is if I initiate the enrolment using an Admin LDAP user, when pressing the 'Download' button, the package downloads without issue and the device can be enrolled into Jamf Pro.

 

Before the upgrade (I can't remember which version we were on previously), enrolment this way worked without issue for any user. It seems as if permissions to the area where Jamf is trying to grab the package from have changed but I could be completely wrong.  

 

Anyone experienced this before? 

 

Thanks! 

2 REPLIES 2

foreverkan
New Contributor III

Hello,

 

I have same problem, is there any solution?

Jack99
New Contributor

Hello,

 

We found that we didn't have a Push Certificate installed in Jamf Pro.

 

If you are also working in an air-gapped environment, the way we resolved this was to go to identity.apple.com/pushcert. on an internet connected machine and then import the generated Push Certificate into Jamf pro.

 

This guide should help: Push Certificates - Jamf Pro Documentation 11.1.0 | Jamf

 

Thanks,

 

Jack