Endpoint Security Complete

 View Only

  • 1.  MDM enrollment issue

    Posted Feb 02, 2012 12:15 PM

    Hi Guys,

    i'm getting a bit further with deployment of MDM. I have managed to install the agent on and IOS5 device and able to see inventory for the device in my CMS.

    When it comes to enrollment, the Install Profile screen shows unsigned beside the cog icon. When I click on install and type in my passcode I can see it trying to generate a key and enroll but bombs out with the 'Profile Failed to install - a network error has occurred' message. I am trying to install via https on our local network.

    I have double checked all my settings and they all seem fine. Can anyone advise if there is an issue with the CA running SCEP being present on another server than our MDM Server?

    Is there anything I can check as my management team are now asking me to have this up and running to provide a demo to senior staff.

    As usual any help greatly appreciated.



  • 2.  RE: MDM enrollment issue

    Posted Feb 02, 2012 12:44 PM

    It might be this issue:
    http://www.symantec.com/docs/HOWTO59804

    If you're installing locally on HTTPS, how are you ensuring that the device trusts and can validate the (self-signed) SSL certificate for the server?  Typically folks put this in the DMZ and use an externally-signed SSL certificate.



  • 3.  RE: MDM enrollment issue

    Posted Feb 02, 2012 01:02 PM

    I have followed |http://www.symantec.com/docs/HOWTO59804 but no joy.

    All I would like to do is get this talking to our server as a proof of concept internally meantime.

    Is there an easier way to prove this works as I really dont want go down the DMZ route.



  • 4.  RE: MDM enrollment issue
    Best Answer

    Posted Feb 18, 2012 08:49 AM

    We have now purchased a externally signed cert and can confirm MDM is now working