locked
Unable to Enrol Windows Phone 8.1 device after adding EnterpriseAppManagement tags in Enrollment XML RRS feed

  • Question

  • Hi,

    We are trying to enrol Windows Phone 8.1 for Enterprise App Management, but device is not getting enrolled. Here is the Binary Security Token we are sending to device:

    <wap-provisioningdoc version="1.1">
        <characteristic type="CertificateStore">
            <characteristic type="Root">
                <characteristic type="System">
                    <characteristic type="6E4D4291376B166669B45AC5FBE9D1BAB0C56F68">
                        <parm name="EncodedCertificate" value="B64EncodedCertInsertedHere" />
                    </characteristic>
                </characteristic>
            </characteristic>
            <characteristic type="My">
                <characteristic type="User">
                    <characteristic type="319C216F431DCA264BF0041FC47F99DE79C26590">
                        <parm name="EncodedCertificate" value="B64EncodedCertInsertedHere" />
                    </characteristic>
                    <characteristic type="PrivateKeyContainer"></characteristic>
                </characteristic>
                <characteristic type="WSTEP">
                    <characteristic type="Renew">
                        <parm name="ROBOSupport" value="true" datatype="boolean" />
                        <parm name="RenewPeriod" value="60" datatype="integer" />
                        <parm name="RetryInterval" value="4" datatype="integer" />
                    </characteristic>
                </characteristic>
            </characteristic>
        </characteristic>
        <characteristic type="APPLICATION">
            <parm name="APPID" value="w7" />
            <parm name="PROVIDER-ID" value="1MMDMServer" />
            <parm name="NAME" value="OrganizationName" />
            <parm name="ADDR" value="https://wpfedserviceURL/" />
            <parm name="CONNRETRYFREQ" value="6" />
            <parm name="INITIALBACKOFFTIME" value="30000" />
            <parm name="MAXBACKOFFTIME" value="120000" />
            <parm name="BACKCOMPATRETRYDISABLED" />
            <parm name="DEFAULTENCODING" value="application/vnd.syncml.dm+xml" />
            <parm name="SSLCLIENTCERTSEARCHCRITERIA" value="Subject=CN%3D28_5792&amp;Stores=My%5CUser" />
            <characteristic type="APPAUTH">
                <parm name="AAUTHLEVEL" value="CLIENT" />
                <parm name="AAUTHTYPE" value="DIGEST" />
                <parm name="AAUTHSECRET" value="47732fe0-886d-4b5b-a484-6b98c91e0678" />
                <parm name="AAUTHDATA" value="B64encodedBinaryNonceInsertedHere" />
            </characteristic>
           </characteristic>
            <characteristic type="APPAUTH">
                <parm name="AAUTHLEVEL" value="APPSRV" />
                <parm name="AAUTHTYPE" value="BASIC" />
                <parm name="AAUTHNAME" value="UseremailID" />
                <parm name="AAUTHSECRET" value="Db2tbapBFfvlM8RT56fO6METRvEs3e" />
            </characteristic>
        </characteristic>
        <characteristic type="DMClient">
            <characteristic type="Provider">
                <characteristic type="1MMDMServer">
                    <characteristic type="Poll">
                        <parm name="NumberOfFirstRetries" value="2" datatype="integer" />
                        <parm name="IntervalForFirstSetOfRetries" value="3" datatype="integer" />
                        <parm name="NumberOfSecondRetries" value="2" datatype="integer" />
                        <parm name="IntervalForSecondSetOfRetries" value="10" datatype="integer" />
                        <parm name="NumberOfRemainingScheduledRetries" value="0" datatype="integer" />
                        <parm name="IntervalForRemainingScheduledRetries" value="1" datatype="integer" />
                    </characteristic>
                    <parm name="EntDeviceName" value="Windows Phone 8__15" datatype="string" />
                </characteristic>
            </characteristic>
        </characteristic>
        <characteristic type="EnterpriseAppManagement">
            <characteristic type="EnterpriseID">
                <parm datatype="string" name="EnrollmentToken" value="B64EncodedAET" />
                <parm datatype="string" name="StoreProductId" value="{92A7F577-6F01-243F-8399-088E0DC40656}" />
                <parm datatype="string" name="StoreURI" value="HTTPS://DM.contoso.com:443/EnrollmentServer/clientcabs/EnterpriseApp1.xap" />
                <parm datatype="string" name="StoreName" value="Contoso App Store" />
                <parm datatype="string" name="CertificateSearchCriteria" value="CN%3D28_5793" />
                <parm datatype="string" name="CRLCheck" value="0" />
            </characteristic>
        </characteristic>
    </wap-provisioningdoc>

    On device it is showing error as "We weren't able to set up this account on your phone. Try again later. If you still can't add it, contact your company's support person for help."

    The security token is as per the MDM document. If we remove the "EnterpriseAppManagement" tags then device is getting enrolled. 

    Please help in enrolling the device, is it something I am missing.

    Thank you for the help.

    Thanks,

    Swapnil

     




    Friday, July 17, 2015 10:20 AM