iOS Enrollment Fails For Users with MANY Groups
So, we've got Authentication Check working, but it's failing for users with over ~100 domain groups assigned to them. It's pretty repeatable.
There are no errors logged anywhere, no failures on our domain controllers, or anything. The only message we get is the "Unauthorized User Detected" on the iOS device after ~8 seconds after trying to enroll.
We've been able to duplicate this by adding an empty user to the enrollment group, and then adding groups and eventually it fails.
Has anyone else seen this? Support says that their test environment isn't large enough to replicate this.
Oh, to make it REALLY weird, if we add Domain Users to our enrollment group, enrollment succeeds for the users who were added discretely to the group and were failing.