- Jamf Nation Community
- Products
- Jamf Pro
- Re: MDM profile failing after upgrade to 9.11
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
MDM profile failing after upgrade to 9.11
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-22-2013 07:33 AM
I upgraded my JSS to 9.11 last night, and now every time i try to enroll an iOS device (iOS6 + 7) I get the CA Certificate Payload, then the MDM profile fails and only gives network error as a reason. This applies to both url and ota email invitations. This is not the case with OSX devices, those work fine by url. I'm not sure where to look next. Everything was fine before the upgrade and now I have another Department on hold until this is fixed. Any help is appreciated.
Different issue, but it now seems my self service on iOS has used the same icon for several apps. i.e. I have three apps using the google drive icon, yet none of the the three apps are google drive.
7 REPLIES 7
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-22-2013 12:53 PM
Same thing happened to me when I "upgraded" from 9.01 to 9.1 last week. CA Cert went just fine but MDM profile failed. After working with folks at JAMF, it was found that the URL was changing from https://server_name/enroll, the system was changing it to https://server_name/iosenroll and as a result, the certificate that was created when I first installed 9.1 was not valid (it had enroll instead of iosenroll). I spent a couple of hours work with JAMF on this and as of Friday afternoon, there still wasn't a resolution. When I received notification of 9.11 being release, I was hoping that it would have resolved this issue; however, since you seem to be having the same problem in 9.11, I'll wait until a solution is posted.
I've got 150 iPads sitting in boxes waiting to be given out and this is preventing me from doing that.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-22-2013 09:48 PM
Just upgraded to 9.11 and am having the same issue. Url changes to iosenroll and I get an Access Denied Screen, I am also having issues where the icons in Self service are incorrect.
Let you know when a solution is available.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 09-22-2013 11:54 PM
I have managed to work with support and find a solution the issue in my case. I found that with the upgrade the security settings for the users that only have Enrollment privileges have changed and have become a lot more granular.
First ensure your "User Initiated Enrollment" is set to on.
JSS>>Settings>>Mobile Device management>>User Initiated Enrollment
Than if using a local JSS Account ensure you have the following security settings to allow enough access to enroll a device.
Computer Enrollment Invitation = create read update and delete
Computers = create read update
Enrollment Profiles = create read update and delete
Mobile Device Enrollment Invitations = create read update and delete
Mobile Devices = create read update
Worked for me,
Has not fixed my icon issue however - Recreating the App Deployment fixed the issue but that is not a suitable work around for all apps . Awaiting a better solution back from Support.
Thanks
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-02-2013 01:22 PM
Same thing happened to me when I "upgraded" from 8.72 to 9.1 today. CA Cert went just fine but MDM profile failed. I was found that the URL was changing from https://server_name/enroll, the system was changing it to https://server_name/iosenroll.
Any answer to this problem yet.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-04-2013 03:00 PM
Try the following:- (Test in 9.12)
Login into your JSS --->JSS Settings ----->Apache Tomcat Settings----->Edit---->Change the SSL certificate used for HTTPS---->Next---->Generate a certificate from the JSS's built-in CA---->Next
Restart Tomcat
Thanks,
Karthikeyan
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-05-2013 09:31 AM
I think the generic icons are because the JSS doesn't have a small jpg for it. When I was uploading an app to the database it would pull it out of the app bundle as it parsed for the other data it needs. But when I used the web server method I had to parse that data (name, version, bundleID) out myself and I didn't bother to upload a jpg on the 'Self Service Web Clip' tab.
But from an older post (https://jamfnation.jamfsoftware.com/discussion.html?id=3945) step 9, you will find a file inside the .ipa called iTunesArtwork that needs to be renamed to iTunesArtwork.jpg and uploaded.
chris
[UPDATE] There may be another reason / solution. https://jamfnation.jamfsoftware.com/discussion.html?id=8573
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Posted on 10-07-2013 02:30 PM
That does not fix the https://server_name:8443/iosenroll problem. The /iosenroll is wrong.
