locked
Windows Phone 8.1 MDM Implementation : How to see OS logs on device RRS feed

  • Question

  • I am new for Windows phone and its MDM implementation.

    I am following the Windows Phone 8 Enterprise Device Management Protocol document. Currently stuck at certificate enrollment step.I am using self signed certificate.

    I have created provisioning XML with certificate encoded in it. On device, I am getting error as "We weren't able to setup this account on your phone. Try again later. If you still cant add it, contact your company's support person for help".

    Can someone tell me detailed steps for certificate enrollment with sample xmls?

    Also, I am not able to understand what is happening at device side as not able to get logs.

    So, is there any tool or similar thing using which I can see the logs as like IPCU for iOS?

    Provisioning xml I am trying is :

    <wap-provisioningdoc version="1.1">
        <characteristic type="CertificateStore">
            <characteristic type="Root">
                <characteristic type="System">
                    <characteristic type="031336C933CC7E228B88880D78824FB2909A0A2F">">
                        <parm name="EncodedCertificate" value="<Base64EncodedRootCertInsertedHere>" />
                    </characteristic>
                </characteristic>
            </characteristic>
            <characteristic type="My">
                <characteristic type="User">
                    <characteristic type="F9A4F20FC50D990FDD0E3DB9AFCBF401818D5462">">
                        <parm name="EncodedCertificate" value="<Base64EncodedClientCertInsertedHere>" />
                    </characteristic>
                    <characteristic type="PrivateKeyContainer" />
                </characteristic>
            </characteristic>
        </characteristic>
        <characteristic type="APPLICATION">
            <parm name="APPID" value="w7" />
            <parm name="PROVIDER-ID" value="MDMServer" />
            <parm name="NAME" value="Test" />
            <parm name="ADDR" value="http://IP host:8088/ws/api/wp/synchML" />
            <parm name="CONNRETRYFREQ" value="6" />
            <parm name="INITIALBACKOFFTIME" value="30000" />
            <parm name="MAXBACKOFFTIME" value="120000" />
            <parm name="BACKCOMPATRETRYDISABLED" />
            <parm name="DEFAULTENCODING" value="application/vnd.syncml.dm+wbxml" />
            <parm name="SSLCLIENTCERTSEARCHCRITERIA"
                value="Subject=ClientCertSubject&amp;Stores=MY%5CUser" />
            <characteristic type="APPAUTH">
                <parm name="AAUTHLEVEL" value="CLIENT" />
                <parm name="AAUTHTYPE" value="DIGEST" />
                <parm name="AAUTHSECRET" value="dummy" />
                <parm name="AAUTHDATA" value="nonce" />
            </characteristic>
            <characteristic type="APPAUTH">
                <parm name="AAUTHLEVEL" value="APPSRV" />
                <parm name="AAUTHTYPE" value="DIGEST" />
                <parm name="AAUTHNAME" value="dummy" />
                <parm name="AAUTHSECRET" value="dummy"/>
                <parm name="AAUTHDATA" value="nonce" />
            </characteristic>
        </characteristic>
        <characteristic type="DMClient">
            <characteristic type="Provider">
                <characteristic type="MDMServer">
                    <characteristic type="Poll">
                        <parm name="NumberOfFirstRetries" value="8" datatype="integer" />
                        <parm name="IntervalForFirstSetOfRetries" value="15" datatype="integer" />
                        <parm name="NumberOfSecondRetries" value="5" datatype="integer" />
                        <parm name="IntervalForSecondSetOfRetries" value="3" datatype="integer" />
                        <parm name="NumberOfRemainingScheduledRetries" value="0"
                            datatype="integer" />
                        <parm name="IntervalForRemainingScheduledRetries" value="1560"
                            datatype="integer" />
                    </characteristic>
                    <parm name="EntDeviceName" value="WP8Device"
                        datatype="string" />
                </characteristic>
            </characteristic>
        </characteristic>    
    </wap-provisioningdoc>

    Friday, August 22, 2014 12:40 PM

All replies

  • Hi Sapna,

    From your description, I understood there are some issues when you implement MDM.

    Q: Can someone tell me detailed steps for certificate enrollment with sample xmls?

    A: For this issue, I would suggest you post a new thread on Windows Protocols forum. Where is a specific forum for protocol issue, and you can contact many experts about this issue.

    Q: So, is there any tool or similar thing using which I can see the logs as like IPCU for iOS?

    A: There is a tool named WPA tool to view MDM log file. You can refer to Windows Phone 8.1 MDM Protocol.pdf. Section “Steps to use WPA tool to view MDM log file”.

    Regards,

    Jimmy


    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, August 25, 2014 6:01 AM
  • Thanks Jimmy.

    I followed the steps to get logs, it worked.

    Proceeding further for enrollment, I am getting below error in logs :

    18, , , , 7, Unknown, Microsoft-WindowsPhone-Enrollment-API-Provider//win:Info, Enrollment succeeded with server (10.10.25.151). , 1, 3280, 10.10.25.151, , , , 1, 27.277927083
    19, , , , 95, Unknown, Microsoft-WindowsPhone-Enrollment-API-Provider//win:Info, [MDM Cert Installer Start] Install cert in app container. , 1, 1672, , , , , 1, 27.407429322
    20, , , , 98, Unknown, Microsoft-WindowsPhone-Enrollment-API-Provider//win:Info, [MDM Cert Installer] Uninstalling enrollment cert for OMADM session. , 1, 1672, , , , , 1, 27.407451302
    21, , , , 96, Unknown, Microsoft-WindowsPhone-Enrollment-API-Provider//win:Info, [MDM Cert Installer End] Success , 1, 1672, , , , , 1, 27.407522500
    22, , , , 72, Unknown, Microsoft-WindowsPhone-Enrollment-API-Provider//win:Info, [MDM Enroll End] Error HRESULT: 0x80070057 , 1, 3280, 0x80070057, , , , 1, 27.494571875

    From error code value 0x80070057, it seems that some value is wrong in response that I am sending to device. But, not able to identify it.

    Can you please have a look over the provisioning xml given below and provide some solution for above error?

    Also, can you please guide me for how to process the PKCS#10 certificate request got from device and send proper certificate enrollment response to device?

    Thanks in advance..

    Provisioning XML:

    <wap-provisioningdoc version="1.1">
    <characteristic type="CertificateStore">
       <characteristic type="Root">
    <characteristic type="System">
    <characteristic type="031336C933CC7E228B88880D78824FB2909A0A2F">">
    <parm name="EncodedCertificate" value="Base64 Encoded self signed certificate" />
    </characteristic>
    </characteristic>
    </characteristic>
    <characteristic type="My">
    <characteristic type="User">
    <characteristic type="F9A4F20FC50D990FDD0E3DB9AFCBF401818D5462">">
    <parm name="EncodedCertificate" value="Base64 Encoded client certificate generated on the fly" />
    </characteristic>
    <characteristic type="PrivateKeyContainer" />
    </characteristic>
    </characteristic>
    </characteristic>
    <characteristic type="APPLICATION">
    <parm name="APPID" value="w7" />
    <parm name="PROVIDER-ID" value="MDMServer" />
    <parm name="NAME" value="Test" />
    <parm name="ADDR" value="http://localhost:8080/ws/api/wp/synchML" />
    <parm name="CONNRETRYFREQ" value="6" />
    <parm name="INITIALBACKOFFTIME" value="30000" />
    <parm name="MAXBACKOFFTIME" value="120000" />
    <parm name="BACKCOMPATRETRYDISABLED" />
    <parm name="DEFAULTENCODING" value="application/vnd.syncml.dm+wbxml" />
    <parm name="SSLCLIENTCERTSEARCHCRITERIA"
    value="Subject=MDMLocalClientCert&amp;Stores=MY%5CUser" />
    <characteristic type="APPAUTH">
    <parm name="AAUTHLEVEL" value="CLIENT" />
    <parm name="AAUTHTYPE" value="DIGEST" />
    <parm name="AAUTHSECRET" value="dummy" />
    <parm name="AAUTHDATA" value="nonce" />
    </characteristic>
    <characteristic type="APPAUTH">
    <parm name="AAUTHLEVEL" value="APPSRV" />
    <parm name="AAUTHTYPE" value="DIGEST" />
    <parm name="AAUTHNAME" value="dummy" />
    <parm name="AAUTHSECRET" value="dummy"/>
    <parm name="AAUTHDATA" value="nonce" />
    </characteristic>
    </characteristic>
    <characteristic type="DMClient"> 
    <characteristic type="Provider">
    <characteristic type="MDMServer">
    <characteristic type="Poll">
    <parm name="NumberOfFirstRetries" value="8" datatype="integer" />
    <parm name="IntervalForFirstSetOfRetries" value="15" datatype="integer" />
    <parm name="NumberOfSecondRetries" value="5" datatype="integer" />
    <parm name="IntervalForSecondSetOfRetries" value="3" datatype="integer" />
    <parm name="NumberOfRemainingScheduledRetries" value="0"
    datatype="integer" />
    <parm name="IntervalForRemainingScheduledRetries" value="1560"
    datatype="integer" />
    </characteristic>
    <parm name="EntDeviceName" value="WP8Device"
    datatype="string" />
    </characteristic>
    </characteristic>
    </characteristic>
    </wap-provisioningdoc>


    Tuesday, August 26, 2014 2:24 PM