HowTo entitle pass-thru authentication for enrollment process
|Article:TECH175678|||||Created: 2011-11-29|||||Updated: 2013-09-09|||||Article URL http://www.symantec.com/docs/TECH175678|
Entitle pass-thru authentication is requested for the enrollment process to avoid issues like:
The profile "MDM Enrollment" could not be installed.
iPad or iPhone
The certificate which had defined for the IIS HTTPS binding was generated for the Mobile Management Server (MMS) and used the fully qualified domain name (FQDN) of the server (e.g. Testlab.Symantec.com). But the IP override on the MMS configuration policy was set to the public IP address of the MMS which is reachable from the internet.
In this situation the enrollment works when using HTTP. For iOS5 devices however, there is need for HTTPS. So in this example the trust could not be made because the certificate is generated for the FQDN (Testlab.Symantec.com) and this DNS record is not reachable from the internet (only the IP address is reachable).
1. Create a (temporary) trusted root certificate (Testlab.Symantec.com) for testing and importing on the MMS
Article URL http://www.symantec.com/docs/TECH175678