Welcome!

Welcome to the official BlackBerry Support Community Forums.

This is your resource to discuss support topics with your peers, and learn from each other.

inside custom component

BlackBerry® Enterprise Service 10

Reply
Highlighted
Contributor
Posts: 11
Registered: ‎01-29-2014
My Device: Q10
My Carrier: Etisalat

Please help with SCEP on BES 10.2

I have been struggling for past 2 weeks to get this setup. no luck so far.

Can you help me by giving some pointers.

In Environment in short
1. I have setup the Exchange CAS, IIS for CBA as per the technet blogs

2. I have set up NDES on win 2k8 r2 and created a SCEP profile on BES 10.2

3. I can see that a cert is being issued by the CA while enrolling the device.
Principal Name=user@domain.local
RFC822 Name=user@publicdomain.com

where domain.local is the internal AD FQDN and publicdomain.com is the domain of the user's email address


Our UPN is different from the user email address.

4. However at the end of activation process it still asks for AD user name and password

Please help me head in the right direction.

Note: at the end of activation, i get a prompt that the email provider may not be trustworthy before the AD username and password prompt. I have tried to add the CA root cert to the BAS share and tried to import it to the device using the USB cable as well. still no luck
Since most of our current Z10,Q10 users are using Basic auth. i just change the auth temporarily to required certs at night and try to activate my test devices. when i fail after multiple attempts, i change the active syn auth back to Basic

Next morning users just type their AD password and continue working Smiley Wink
Help please