IT-Policy not working on iOS?

Wolfgang_Bauer · ‎04-12-2012

Hello,

I have activated an iPhone on UDS. I can see the IT-Policy in the Client on the device but it does not get applied to the device (e.g. I don't have to set an password). I also don't see the other profiles which are attached to the user in the client (e.g. ActiveSync).

Does anyone have this problem, too?

On an android device it is working.

unpp · ‎04-11-2012

have you set the minimum password length

Wolfgang_Bauer · ‎04-12-2012

Hello,

the minimum password length is set to 4; not simple; min. 1 letter; min. 1 number; delete after 5 trys; auto lock 5 minutes.

leigh28 · ‎04-18-2012

Hi

This might be similar to what I had with our iOS devices after my UDS install.

Are you seeing 'action.poke' failure message in the users Communication Logs?

If so you, make sure port 2195 is open on your firewall for outbound traffic from the server that runs your Core Module.

This will allow the policies and profiles to be pushed out to the iOS devices.

Wolfgang_Bauer · ‎04-12-2012

Hello,

the firewall rules are correct and working (tested via telnet). The APNS certificate has the status Installed and expires 2013. But the log entrys show that anything is not working:

19. April 2012 06:33:28 UTC: 

command.application 

request 



19. April 2012 06:33:28 UTC: 

command.deviceinfo_bdmi 

request 



19. April 2012 06:33:28 UTC: 

command.deviceinfo 

request 



19. April 2012 06:32:03 UTC: 

action.update 

request 



19. April 2012 06:18:24 UTC: 

command.application 

request 



19. April 2012 06:18:24 UTC: 

command.deviceinfo_bdmi 

request 



19. April 2012 06:18:24 UTC: 

command.deviceinfo 

request 



19. April 2012 06:03:16 UTC: 

command.application 

request 

....


17. April 2012 08:26:06 UTC: 

command.deviceinfo_bdmi 

request 



17. April 2012 08:26:06 UTC: 

command.deviceinfo 

request 



17. April 2012 08:11:05 UTC: 

command.application 

request 



17. April 2012 08:11:05 UTC: 

command.deviceinfo_bdmi 

request 



17. April 2012 08:11:05 UTC: 

command.deviceinfo 

request 



17. April 2012 07:57:08 UTC: 

action.update 

success

In the core log I found this:

ERROR,"2012-04-19 00:17:04,509",31,0,"2c74bfc9-5a0a-49b1-8e3b-a1052a59ce38","Unhandled Poke Exception. Error of performing device 'poke'. ",
,Type: System.InvalidOperationException
,Message: No certificates with key 'APSP:f21b760f-77e3-487d-9745-307a874c61e6' found in the store.
,Source: RIM.BUDS.Utilities
,TargetSite: "System.Security.Cryptography.X509Certificates.X509Certificate2 GetCertificate(System.String, System.Security.Cryptography.X509Certificates.X509FindType, System.Security.Cryptography.X509Certificates.StoreName)"
,StackTrace:    at RIM.BUDS.Utilities.Helpers.CertificateFactory.GetCertificate(String subjectName, X509FindType findType, StoreName storeLocation) in c:\ec_build\604689\BUDSServer\source\enterprise\BUDS\Server\Sources\RIM.BUDS.Utilities\Helpers\CertificateFactory.cs:line 41
,   at RIM.BUDS.DeviceActions.iOS.iOSActionPoke.GetApnsCertificate(String certSubject) in c:\ec_build\604689\BUDSServer\source\enterprise\BUDS\Server\Sources\RIM.BUDS.DeviceActions.iOS\iOSActionPoke.cs:line 102
,   at RIM.BUDS.DeviceActions.iOS.iOSActionPoke.Execute(JObject tenant, JObject device) in c:\ec_build\604689\BUDSServer\source\enterprise\BUDS\Server\Sources\RIM.BUDS.DeviceActions.iOS\iOSActionPoke.cs:line 80
,   at RIM.BUDS.Core.Model.DeviceModel.ExecutePoke(Object data) in c:\ec_build\604689\BUDSServer\source\enterprise\BUDS\Server\Sources\RIM.BUDS.Core\Model\Device\DeviceModel.cs:line 676

Maybe there is a bug with the APNS certificate handling.

I will try to renew the certificate

automaticasolutions · ‎04-19-2012

I had similar problems, I had forgot to add permissions to the APNS certificate, then I had to re-enrol my ipad, then I started to get "success" in my communication log

Wolfgang_Bauer · ‎04-12-2012

Hello,

where do I need to add permissions?

leigh28 · ‎04-18-2012

OK, from your mmc, Certificates snap-in on the UDS server right-click on the Apple certificate in the Personal store, select All Tasks followed by Manage Private Keys. You will need to add Authenticated Users with Read permissions.

Wolfgang_Bauer · ‎04-12-2012

Hello,

thanks! It's working now. I dindn't saw this part on the APNS Import Page and after the APNS Import, this information was not accessible any more (the Learn more link does not work).

For all who need this information too:

- Open MMC

- Add local computer certificate store

- Open Personal/Certificates and right click on it

- All Tasks -> Import

- Choose APNS Cert

- Mark the key as exportable and enter the password and click next until finish

- Right click the APNS Cert in the MMC (begins with APSP)

- All tasks -> manage private keys

- Add the Service Account and give Read permissions

hinojosa89 · ‎09-16-2008

Hi

I have a similar problem but i check all the things you said in the answer and we did everithing in the installation but still is not working. I can see the it policy in the fusion client, i can see in the about section the activate device info but the it policy is not applied to de iphone. We test with a password policy but no password is set in the iphone.

the only thing i can find is in the communiation log

24 de abril de 2012 16:22:38 UTC:	action.poke	success
24 de abril de 2012 16:22:38 UTC:	command.application	request
24 de abril de 2012 16:22:38 UTC:	command.deviceinfo_bdmi	request
24 de abril de 2012 16:22:38 UTC:	command.deviceinfo	request

I try to understand the core log but i can't find any error reference.

Could you help us?

thanks

Welcome!

BlackBerry Mobile Fusion

IT-Policy not working on iOS?

Re: IT-Policy not working on iOS?

Re: IT-Policy not working on iOS?

Re: IT-Policy not working on iOS?

Re: IT-Policy not working on iOS?

Re: IT-Policy not working on iOS?

Re: IT-Policy not working on iOS?

Re: IT-Policy not working on iOS?

Re: IT-Policy not working on iOS?

Re: IT-Policy not working on iOS?