06-12-2013 11:41 AM
I'm testing a 60-days BES 10.1 and I can activate BB10 devices. What I can't do is activate Android and iOS because when I go to https://it.bbsecure.com/Sxxxxxxxx/ca it returns this error:I noticed that if I disconnect the BES server, this page returns an "unavailable" page, so it looks like the issue is with our Windows 2008 R2 server permissions. Have I missed something? Was your installation smooth or did you have to change some default permissions, please?Code:<errorResponse> <errorCode>2007</errorCode> <errorString>User not authorized for requested core server operation.</errorString> <errorStringAuxiliary>The remote server returned an error: (401) Unauthorized.</errorStringAuxiliary> </errorResponse>
I also tried to use a wildcard certificate published by a certification authority, but no avail. By the way - I don't know if it's normal - in IIS bindings for UDS.CommunicationModule I see port 33443, not the standard 443, but maybe this is as expected.
Thanks for your time!
Solved! Go to Solution.
06-12-2013 11:46 AM
try this work around.. See article
Unable to activate an Android or iOS device after installing Universal Device Service
06-13-2013 05:44 AM
Thanks for the tip: it came out that the issue was with the Core Module Password, probably it contained unwanted characters. After several attempts I was forced to delete BES 10 databases and reinstall everything, but now it seems to work! Waiting for the Apple Push certificate for final test, but it looks like it'sdone. Thanks again!
06-17-2013 11:56 AM
KB31152 is not available anymore.
I have the same error with my BES 10.1
I have BES10.1 and Exchange 2007 sp2.
I can successfully activate Z10 device.
I have generated APNs certificate request and get certificate from Apple . When I try to activate Android or iPhone device, the certificate link from activation email doesn't work (https://ca.bbsecure.com/C#########/ca):
1) What common name I should use when I create APNs certificate request for Apple?
Should it be server BES 10.1 FQDN or mail.domain.com from SSL certificate for regular ActiveSync\OWA
2) When Android or iPhone try to download certificate, are they going to download them directly from my BES10.1 server? How can I check why they can't download certificate?
06-17-2013 12:08 PM
Refer to Google cache copy of the KB article until it's available: http://webcache.googleusercontent.com/search?q=cac
Are you facing exactly my problem? If so, what I did was going to the Server Configuration Tool and changing the Core Module password. It came out there was an error with it (an unspecified error has occurred changing your password) and I wasn't able to change it again. Even reinstalling the BES it failed at the very last steps, and in the logs it was reported a failure changing the password. Apparently, the password I chose was either too long or with unwanted characters, but BES didn't stop me when I chose it.
About your other questions, I chose a mnemonic common name like mdm.domain.com but I hadn't had a change to test the activation on iOS devices (while I did on Android).
I guess the certificate is downloaded from the server, because if you disconnect it from your network and try to go to https://ca.bbsecure.com/C#########/ca you should get a 404 error, different from the usual unauthorized error.
Hope this helps,
06-17-2013 12:30 PM
Yes, you are right, I got "The webpage cannot be found" HTTP 404, whe I try to go to th elink to download certificate
But my server is connected to the network and IIS "UDS.CommunicatiomModule" nad "UDS.CoreModule" are running and all outgoing ports are open on Firewall.
What i did wrong, what should I check?
06-17-2013 12:34 PM
OK, so I understand your problem is different than mine, since you always get the 404 error page regardless the BES is up or down. Is the SRP ID in the URL the same as yours? I've read that it happened that it was different in some (old) cases.
I guess you already tried, for testing purposes, to allow all the outbound traffic from BES to External and to disable local software firewalls.