Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community

The file name is too long. 0x8007006f Error with NDES & SCEP Profile in Intune

Copper Contributor

Hi,

 

I have configured NDES server to issues certificates to win10 devices.For this

1.Configured NDES server with templates etc

2.Configured Intune connector and created scep profiles and assgined it to users

3.Installed & Configured Azure App proxy connector

 

I could reach the NDES server over 443 from internet fine, but can not deploy certificates to devices using SCEP profile. I get the below error

 

 

 

 

GetCACapsDone
GetCACaps: OK
HTTP/1.1 200 OK
Cache-Control: no-cache, no-store
Date: Tue, 19 Jun 2018 21:52:27 GMT
Pragma: no-cache
Content-Length: 24664
Content-Type: text/html; charset=utf-8
Expires: -1
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
Server: Microsoft-IIS/10.0
Set-Cookie: buid=AQABAAEAAADX8GCi6Js6SK82TsD2Pb7rkPa2oQQqxLwIHWbxdpZdcjvuo8tf8wyL1lpsd7rwQY4yGmI0pf9huiG-12345E8eVPThLblV5Sxrzg1RXZ7stoPjwVo5i1kaV7PzKkaJIjTrzLUogAA; expires=Thu, 19-Jul-2018 21:52:28 GMT; path=/; secure; HttpOnly
Set-Cookie: esctx=ABAQABAAAAAADX8GCi6Js6SK82TsD2Pb7r4zUB_O9BLdczpp4pKsEdfx-x1B21DuqzyKJjPj_ENhW4QWa_yk54HOZNE19H-NgSSzb1q0NfnPpia6Ku-rjpXurfM5Znht5x_A09unL-YsmKjaHmaNglYJopGO5kLsVV_VzLmpTCnsxSda9Cm6b2Nj3OaqPNyKIkZ4l2Nj68vZyi4gAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly
Set-Cookie: x-ms-gateway-slice=014; path=/; secure; HttpOnly
Set-Cookie: stsservicecookie=ests; path=/; secure; HttpOnly
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
x-ms-request-id: 1d8e6f99-6435-4026-ae60-681fd9964a00
X-Powered-By: ASP.NET

Method: GET(469ms)
Stage: GetCACapsDone
The file name is too long. 0x8007006f (WIN32/HTTP: 111 ERROR_BUFFER_OVERFLOW)

6 Replies

i got it resolved, it was some issue with the subject name in the certificate i am using.

 

So, quick question: Are you now delivering device certificates to the devices? Are you using Intune Standalone or Intune/SCCM hybrid?   I've been struggling with this for the past week to deliver certificates to devices for our 802.1x wireless infrastructure -even though I have no issues deliver users a similar SCEP cert  (issued outlined and screenshot in this post) with Intune standalone.   I even went as far as to put in a ticket, and I was told that Intune standalone couldn't deliver device-based certs (which I find hard to swallow).

We are delivering user certificates, We use intune standalone not with SCCM Hybrid.

I am not really sure about intune standalone can not deliver device based certs. If I test this i will let you know

Thanks for the follow-up, Prasad.  I have confirmed with a couple of other users and now with Premier Support that delivering device certificates is not available in Standalone at this time.  Thanks for checking, though!

Hi Prasad,

What was the actual problem with your subject name in the cert?

 

I'm experiencing the same issue with Application Proxy and SCEP cert enrollment. I have the certificate on the app proxy set with the Subject Name as the internal FQDN with the Subject Alternative Name of the external FQDN. 

 

I would appreciate any advice you can give.

Cheers,

Paul

Hi @Paul Berlemont ,

 

Did you ever get this resolved, we are having the issue with Application Proxy and SCEP via Intune.

 

Thanks

 

Tom