Forum Discussion

Copper Contributor

Feb 20, 2018

SCEP policy deployment failing for IOS only

We have configured an internal NDES (intune connector installed) server connected to the client's internal PKI. Intune has been configured with Trusted Root/Intermediate policies to deploy to users/d...

mobile device management (mdm)

Copper Contributor

Feb 21, 2018

Thanks Ruud, we're already using SHA256 though.

Iron Contributor

Feb 21, 2018

Hi Mark,

What do the log files say on the server where the Certificate Connector is installed? You can have a look at the eventlog and the log files in the installation directory for the Certificate Connector. And also the NDES/SCEP log files.

Best regards,

Ruud Gijsbers

Mark Palmer
Copper Contributor
Feb 21, 2018
Yeah we've checked every log file possible including *.svclogs but they don't even show an attempt, failed request or anything. I've recreated the SCEP policy today but it has not helped. Can also confirm I can connect to the ndes URL from the test devices and receive the correct 403 error on the site as per the documentation.
- Tad Crandall
  Copper Contributor
  May 24, 2018
  Hey Mark,
  
  Did you all ever figure out the root cause of the issue? Experiencing the same problem with ios devices.
  
  Thanks
  - Mark Palmer
    Copper Contributor
    May 25, 2018
    Funny story... turned out to be a typo thanks to copy/paste...
    
    On a somewhat related note, the way Intune pushes MAM policies out is a real pain. I like the idea of only pushing polices for work related data, but trying to get that to trigger can be difficult!!
- RuudGijsbers
  Iron Contributor
  Feb 21, 2018
  Does it make any difference if you assign the SCEP profile to a device group or a user group?
  
  Otherwise I suggest you open a support ticket with Microsoft. My experience with Microsoft Support is very good, they usually respond the same day.
  
  Best regards,
  
  Ruud Gijsbers

Resources