iOS Devices are unable to enroll to the MMS server - console logs show a 500 error in communication

Article:TECH178752  |  Created: 2012-01-11  |  Updated: 2013-09-09  |  Article URL http://www.symantec.com/docs/TECH178752
Article Type
Technical Solution



Issue



Trying to enroll an iOS device to the MMS server using SSL (https) communication fails.  In the iPhone Configuration Utility console logs, a 500 response is given by the mdm.sync page.


Error



Desc   : The profile "MDM Enrollment" could not be installed.
Sugg   : The payload "MDM" could not be installed.
US Desc: The profile "MDM Enrollment" could not be installed.
US Sugg: The payload "MDM" could not be installed.
Domain : MCProfileErrorDomain
Code   : 1009
Type   : MCFatalError
Params : (
   "MDM Enrollment"
)
...Underlying error:
NSError:
Desc   : The payload "MDM" could not be installed.
Sugg   : A transaction with the server at "https://server/IOSServices/mdm.sync" has failed with the status "500".
US Desc: The payload "MDM" could not be installed.
US Sugg: A transaction with the server at "https://server/IOSServices/mdm.sync" has failed with the status "500".
Domain : MCInstallationErrorDomain
Code   : 4001
Type   : MCFatalError
Params : (
   MDM
)
...Underlying error:
NSError:
Desc   : A transaction with the server at "https://server/IOSServices/mdm.sync" has failed with the status "500".
US Desc: A transaction with the server at "https://server/IOSServices/mdm.sync" has failed with the status "500".
Domain : MCHTTPTransactionErrorDomain
Code   : 23001
Type   : MCFatalError
Params : (
   "https://server/IOSServices/mdm.sync",
   500
)

Environment



Mobile Management Solution 7.1


Solution



There are actually multiple reasons why this can happen.

These specific errors have been seen when IIS is configured to use SSL communication only.  The default settings for the MMS Server tries to access other pages internally across HTTP.
Resolution: Disable the "Require SSL" option for the server, or at least, for the Mobile Management Site Service paths.

This problem can also be caused when the IIS Bindings on the Site Server are configured for a specific Host Name, as "localhost" is used by default for internal communication.
Resolution: Open the IIS Manager for the Default Web Site, edit the Bindings for http, and make sure the Host Name setting is blank.

If the 500 errors persist, see TECH194179 for instructions on modifying IIS compression.


Supplemental Materials

SourceETrack
Value2660830



Article URL http://www.symantec.com/docs/TECH178752


Terms of use for this information are found in Legal Notices