Forum Discussion

MSThomK's avatar
MSThomK
Brass Contributor
May 22, 2025
Solved

VPP Apps Not Installing via Intune – Error 0x87D127DB Despite Valid Configuration

Hi everyone, We’re currently using Microsoft Intune in combination with Apple Business Manager (ABM) to provision iPhones in our organization. Our setup has worked reliably until recently: in April/...
0x87D127DB
ABM
App Deployment
Apple Business Manager
Intune MDM
ios
mobile device management (mdm)
VPP
  • MSThomK's avatar
    MSThomK
    Jun 18, 2025

    Hi everyone,

    I wanted to share my recent experience that might be helpful to others dealing with firewall configurations and Apple service integrations.

    At the request of management, I implemented a policy to block streaming services via our firewall. To do this efficiently, I used the vendor’s built-in web filtering categories, as manually blocking every streaming provider is practically unmanageable.

    Unfortunately, I lost sight of this change over time. What I didn’t realize—and what isn’t clearly documented by the vendor—is that the selected category also blocks essential Apple services. Specifically, it interferes with the communication between Apple Business Manager (ABM) and Microsoft Intune. This behavior is reproducible and was the root cause of the issues we encountered.

    To be clear: The issue was not caused by Apple Business Manager or Intune, but solely by the firewall configuration.

    I’m now working on a more targeted approach to block streaming content without disrupting ABM–Intune connectivity.

    Best regards,
    MSThomK​ 

MSThomK's avatar
MSThomK
Brass Contributor
May 26, 2025

Hi AndrewDawson​ 

Thank you very much for your response.

I was not aware of any changes to the Apple v2 VPP API. Do you happen to have more detailed information on this? Microsoft Support has not mentioned anything in that regard so far.

Just to clarify: I renewed all necessary certificates and tokens on May 14, 2025, and re-uploaded the VPP token again on May 23, 2025. Unfortunately, the issue still persists, even though all other components appear to be functioning correctly.

Current symptoms:

  • App icons are no longer being placed on the home screen (at least not during my latest tests).
  • Apps made available via the Company Portal are not installing on already enrolled devices, which is currently causing significant disruption.
  • App updates also seem to fail silently.
  • Occasionally, I receive error code 0x87D13B95 ("No VPP license found for the app"). After some time, this is replaced by 0x87D127DB ("Unknown").

 

I have purchased new apps via Apple Business Manager, successfully synced them to Intune, and assigned them to test devices — but unfortunately, the apps are not being installed.

As I urgently need to prepare devices for new employees, my only remaining option seems to be setting them up using personal Apple IDs. I plan to test this today in the hope that at least the app installations will succeed. However, this is merely a temporary workaround to ensure basic functionality (e.g., teams phone calls).

At this point, I’m honestly at a loss and would greatly appreciate any insights or suggestions.

Best regards,
MSThomK​ 

Resources