none
SyncML communication with client RRS feed

  • Question

  • Hi,

    I am writing a custom MDM server to enroll and manage windows 10 devices. I have successfully enrolled the client (federated) and it now sends me SyncML requests.

    Here is this first message my server received from client:

    <?xml version="1.0" encoding="UTF-8"?>
    <SyncML xmlns="SYNCML:SYNCML1.2">
       <SyncHdr>
          <VerDTD>1.2</VerDTD>
          <VerProto>DM/1.2</VerProto>
          <SessionID>1</SessionID>
          <MsgID>1</MsgID>
          <Target>
             <LocURI>https://dhruvesh.auth.hpicorp.net/services/oma-dm/rs/syncml</LocURI>
          </Target>
          <Source>
             <LocURI>D37B7357741EF44EA285D0D6371F70AC</LocURI>
          </Source>
       </SyncHdr>
       <SyncBody>
          <Alert>
             <CmdID>2</CmdID>
             <Data>1201</Data>
          </Alert>
          <Alert>
             <CmdID>3</CmdID>
             <Data>1224</Data>
             <Item>
                <Meta>
                   <Type xmlns="syncml:metinf">com.microsoft/MDM/LoginStatus</Type>
                </Meta>
                <Data>user</Data>
             </Item>
          </Alert>
          <Replace>
             <CmdID>4</CmdID>
             <Item>
                <Source>
                   <LocURI>./DevInfo/DevId</LocURI>
                </Source>
                <Data>D37B7357741EF44EA285D0D6371F70AC</Data>
             </Item>
             <Item>
                <Source>
                   <LocURI>./DevInfo/Man</LocURI>
                </Source>
                <Data>Unknown</Data>
             </Item>
             <Item>
                <Source>
                   <LocURI>./DevInfo/Mod</LocURI>
                </Source>
                <Data>Unknown</Data>
             </Item>
             <Item>
                <Source>
                   <LocURI>./DevInfo/DmV</LocURI>
                </Source>
                <Data>1.3</Data>
             </Item>
             <Item>
                <Source>
                   <LocURI>./DevInfo/Lang</LocURI>
                </Source>
                <Data>en-US</Data>
             </Item>
          </Replace>
          <Final />
       </SyncBody>
    </SyncML>

    (NOTE: In the above first SyncML from client i did not get <Cred> in the SyncHdr)

    In response to that I sent the following SyncML to the client, to get more device information:

    <?xml version="1.0" encoding="UTF-8"?>
    <SyncML xmlns="SYNCML:SYNCML1.2">
       <SyncHdr>
          <VerDTD>1.2</VerDTD>
          <VerProto>DM/1.2</VerProto>
          <SessionID>1</SessionID>
          <MsgID>1</MsgID>
          <Target>
             <LocURI>D37B7357741EF44EA285D0D6371F70AC</LocURI>
          </Target>
          <Source>
             <LocURI>https://dhruvesh.auth.hpicorp.net/services/oma-dm/rs/syncml</LocURI>
          </Source>
          <Cred>
             <Meta>
                <Format xmlns="syncml:metinf">b64</Format>
                <Type xmlns="syncml:metinf">syncml:auth-md5</Type>
             </Meta>
             <Data>jmWbonrSA6/37ziySdXG7A==</Data>
          </Cred>
       </SyncHdr>
       <SyncBody>
          <Status>
             <CmdID>1</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>0</CmdRef>
             <Cmd>SyncHdr</Cmd>
             <TargetRef>D37B7357741EF44EA285D0D6371F70AC</TargetRef>
             <Data>212</Data>
          </Status>
          <Status>
             <CmdID>2</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>3</CmdRef>
             <Cmd>Alert</Cmd>
             <Data>200</Data>
          </Status>
          <Status>
             <CmdID>3</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>4</CmdRef>
             <Cmd>Replace</Cmd>
             <Data>200</Data>
          </Status>
          <Get>
             <CmdID>75</CmdID>
             <Item>
                <Target>
                   <LocURI>./DevDetail/SwV</LocURI>
                </Target>
             </Item>
             <Item>
                <Target>
                   <LocURI>./Vendor/MSFT/DeviceInstanceService/Identity/Identity1/IMSI</LocURI>
                </Target>
             </Item>
             <Item>
                <Target>
                   <LocURI>./Vendor/MSFT/DeviceInstanceService/Identity/Identity1/IMEI</LocURI>
                </Target>
             </Item>
             <Item>
                <Target>
                   <LocURI>./DevInfo/DevId</LocURI>
                </Target>
             </Item>
             <Item>
                <Target>
                   <LocURI>./DevInfo/Man</LocURI>
                </Target>
             </Item>
             <Item>
                <Target>
                   <LocURI>./DevInfo/Mod</LocURI>
                </Target>
             </Item>
             <Item>
                <Target>
                   <LocURI>./DevInfo/Lang</LocURI>
                </Target>
             </Item>
             <Item />
             <Item>
                <Target>
                   <LocURI>./DevDetail/Ext/WLANMACAddress</LocURI>
                </Target>
             </Item>
             <Item>
                <Target>
                   <LocURI>./DevDetail/Ext/Microsoft/Resolution</LocURI>
                </Target>
             </Item>
             <Item>
                <Target>
                   <LocURI>./DevDetail/Ext/Microsoft/DeviceName</LocURI>
                </Target>
             </Item>
          </Get>
          <Final />
       </SyncBody>
    </SyncML>

    However, the client is not sending me the required information. Here is the next SyncML message I received from client:

    <?xml version="1.0" encoding="UTF-8"?>
    <SyncML xmlns="SYNCML:SYNCML1.2">
       <SyncHdr>
          <VerDTD>1.2</VerDTD>
          <VerProto>DM/1.2</VerProto>
          <SessionID>1</SessionID>
          <MsgID>2</MsgID>
          <Target>
             <LocURI>https://dhruvesh.auth.hpicorp.net/services/oma-dm/rs/syncml</LocURI>
          </Target>
          <Source>
             <LocURI>D37B7357741EF44EA285D0D6371F70AC</LocURI>
          </Source>
       </SyncHdr>
       <SyncBody>
          <Status>
             <CmdID>1</CmdID>
             <MsgRef>0</MsgRef>
             <CmdRef>0</CmdRef>
             <Cmd>SyncHdr</Cmd>
             <Data>500</Data>
          </Status>
          <Alert>
             <CmdID>2</CmdID>
             <Data>1201</Data>
          </Alert>
          <Alert>
             <CmdID>3</CmdID>
             <Data>1224</Data>
             <Item>
                <Meta>
                   <Type xmlns="syncml:metinf">com.microsoft/MDM/LoginStatus</Type>
                </Meta>
                <Data>user</Data>
             </Item>
          </Alert>
          <Replace>
             <CmdID>4</CmdID>
             <Item>
                <Source>
                   <LocURI>./DevInfo/DevId</LocURI>
                </Source>
                <Data>D37B7357741EF44EA285D0D6371F70AC</Data>
             </Item>
             <Item>
                <Source>
                   <LocURI>./DevInfo/Man</LocURI>
                </Source>
                <Data>Unknown</Data>
             </Item>
             <Item>
                <Source>
                   <LocURI>./DevInfo/Mod</LocURI>
                </Source>
                <Data>Unknown</Data>
             </Item>
             <Item>
                <Source>
                   <LocURI>./DevInfo/DmV</LocURI>
                </Source>
                <Data>1.3</Data>
             </Item>
             <Item>
                <Source>
                   <LocURI>./DevInfo/Lang</LocURI>
                </Source>
                <Data>en-US</Data>
             </Item>
          </Replace>
          <Final />
       </SyncBody>
    </SyncML>


    As you can see the client did not send me the information that I requested. Can anyone please tell me if I am missing something ? Any help would really be appreciated :)

    FYI, I believe that I am missing something related to the AUTHSECRET and AUTHDATA fields. Here is my WAP for reference

    <?xml version="1.0" encoding="UTF-8" standalone="no"?><wap-provisioningdoc version="1.1">
       <characteristic type="CertificateStore">
          <characteristic type="Root">
             <characteristic type="System">
                <characteristic type="E6E7F4391506104CC4B0557A244EF94F2FC67FBD">
                   <parm name="EncodedCertificate" value="<MyRootCertificate>"/>
             </characteristic>
             </characteristic>
          </characteristic>
       </characteristic>
       <characteristic type="CertificateStore">
          <characteristic type="My">
             <characteristic type="User">
                <characteristic type="22FEAA186E2BECB96D609BE5B646AD138A98CCC2">
                   <parm name="EncodedCertificate" value="<MyClientCertificate>"/>
                </characteristic>
                <characteristic type="PrivateKeyContainer"/>
             </characteristic>
             <characteristic type="WSTEP">
                <characteristic type="Renew">
                   <parm datatype="boolean" name="ROBOSupport" value="true"/>
                   <parm datatype="integer" name="RenewPeriod" value="60"/>
                   <parm datatype="integer" name="RetryInterval" value="4"/>
                </characteristic>
             </characteristic>
          </characteristic>
       </characteristic>
       <characteristic type="APPLICATION">
          <parm name="APPID" value="w7"/>
          <parm name="PROVIDER-ID" value="MDMServer"/>
          <parm name="NAME" value="HP TouchPoint Manager"/>
          <parm name="ADDR" value="https://dhruvesh.auth.hpicorp.net/services/oma-dm/rs/syncml"/>
          <parm name="CONNRETRYFREQ" value="6"/>
          <parm name="INITIALBACKOFFTIME" value="30000"/>
          <parm name="MAXBACKOFFTIME" value="120000"/>
          <parm name="BACKCOMPATRETRYDISABLED"/>
          <!-- <parm name="DEFAULTENCODING" value="application/vnd.syncml.dm+wbxml" /> -->
          <parm name="DEFAULTENCODING" value="application/vnd.syncml.dm+xml"/>
          <parm name="SSLCLIENTCERTSEARCHCRITERIA" value="Subject=CN%3DHP.OMADM.Client&amp;Stores=My%5CUser"/>
          <characteristic type="APPAUTH">
             <parm name="AAUTHLEVEL" value="CLIENT"/>
             <parm name="AAUTHTYPE" value="DIGEST"/>
             <parm name="AAUTHSECRET" value="dummy"/>
             <parm name="AAUTHDATA" value="MTIzNDU="/>
          </characteristic>
          <characteristic type="APPAUTH">
             <parm name="AAUTHLEVEL" value="APPSRV"/>
             <parm name="AAUTHTYPE" value="BASIC"/>
             <parm name="AAUTHNAME" value="dummy"/>
             <parm name="AAUTHSECRET" value="dummy"/>
             <parm name="AAUTHDATA" value="MTIzNDU="/>
          </characteristic>
       </characteristic>
       <characteristic type="DMClient">
          <characteristic type="Provider">
             <characteristic type="MDMServer">
                 <characteristic type="Poll">
                    <parm datatype="integer" name="NumberOfFirstRetries" value="8"/>
                    <parm datatype="integer" name="IntervalForFirstSetOfRetries" value="15"/>
                    <parm datatype="integer" name="NumberOfSecondRetries" value="5"/>
                    <parm datatype="integer" name="IntervalForSecondSetOfRetries" value="3"/>
                    <parm datatype="integer" name="NumberOfRemainingScheduledRetries" value="0"/>
                    <parm datatype="integer" name="IntervalForRemainingScheduledRetries" value="1560"/>
                    <parm datatype="boolean" name="PollOnLogin" value="true"/>
                 </characteristic>
                 <parm datatype="string" name="EntDeviceName" value="Administrator_Windows"/>
             </characteristic>
         </characteristic>
       </characteristic>
    </wap-provisioningdoc>

    As you can see I have "dummy" as AUTHSECRET and AUTHDATA as a b64 encoded numeric value.. Can someone help me understand if these fileds need to be sent in my SyncML response to the first SyncML request from client ?

    Thanks


    Tuesday, March 15, 2016 1:12 PM

Answers

  • Hi, 

    I solved my issue, as suggested it was related to the SyncML syntax..

    I was sending this as the first element in the response SyncML

    <?xml version="1.0" encoding="UTF-8" standalone="no"?>

    However, from my observation, the client accepts it only when the "standalone" property is not there. Here is the SyncML response from server that the client accepted.

    <?xml version="1.0" encoding="UTF-8"?>
    <SyncML xmlns="SYNCML:SYNCML1.2">
       <SyncHdr>
          <VerDTD>1.2</VerDTD>
          <VerProto>DM/1.2</VerProto>
          <SessionID>1</SessionID>
          <MsgID>1</MsgID>
          <Target>
             <LocURI>D37B7357741EF44EA285D0D6371F70AC</LocURI>
          </Target>
          <Source>
             <LocURI>https://dhruvesh.auth.hpicorp.net/services/oma-dm/rs/syncml</LocURI>
          </Source>
          <Cred>
             <Meta>
                <Format xmlns="syncml:metinf">b64</Format>
                <Type xmlns="syncml:metinf">syncml:auth-md5</Type>
             </Meta>
             <Data>jmWbonrSA6/37ziySdXG7A==</Data>
          </Cred>
       </SyncHdr>
       <SyncBody>
          <Status>
             <CmdID>1</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>0</CmdRef>
             <Cmd>SyncHdr</Cmd>
             <TargetRef>D37B7357741EF44EA285D0D6371F70AC</TargetRef>
             <Data>212</Data>
          </Status>
          <Status>
             <CmdID>2</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>2</CmdRef>
             <Cmd>Alert</Cmd>
             <Data>200</Data>
          </Status>
          <Status>
             <CmdID>3</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>3</CmdRef>
             <Cmd>Alert</Cmd>
             <Data>200</Data>
          </Status>
          <Status>
             <CmdID>4</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>4</CmdRef>
             <Cmd>Replace</Cmd>
             <Data>200</Data>
          </Status>
          <Get>
             <CmdID>5</CmdID>
             <Item>
                <Target>
                   <LocURI>./DevDetail/SwV</LocURI>
                </Target>
             </Item>
          </Get>
          <Final />
       </SyncBody>
    </SyncML>

    FYI for others with the same problem: Also make sure that you have a <Status> with appropriate <Data>ResponseCode</Data> for each incoming <Cmd>


    Thanks for your help :)


    Thursday, March 17, 2016 11:27 AM

All replies

  • Hello Dhruvesh :

    Thankyou for contacting Microsoft Support. A support engineer will be in touch to assist further.

    Regards


    Tarun Chopra | Escalation Engineer | Open Specifications Support Team

    Tuesday, March 15, 2016 8:20 PM
  • Hi Dhruvesh:

    I'll help you with this issue. The protocol document in this case is MS-MDM (https://msdn.microsoft.com/en-us/library/dn392112.aspx )

    Please consult the document for proper syntax of SyncML.

    Are you using Windows 10 PC or Windows Phone?


    Regards, Obaid Farooqi

    Wednesday, March 16, 2016 10:47 PM
    Owner
  • Hi, 

    I solved my issue, as suggested it was related to the SyncML syntax..

    I was sending this as the first element in the response SyncML

    <?xml version="1.0" encoding="UTF-8" standalone="no"?>

    However, from my observation, the client accepts it only when the "standalone" property is not there. Here is the SyncML response from server that the client accepted.

    <?xml version="1.0" encoding="UTF-8"?>
    <SyncML xmlns="SYNCML:SYNCML1.2">
       <SyncHdr>
          <VerDTD>1.2</VerDTD>
          <VerProto>DM/1.2</VerProto>
          <SessionID>1</SessionID>
          <MsgID>1</MsgID>
          <Target>
             <LocURI>D37B7357741EF44EA285D0D6371F70AC</LocURI>
          </Target>
          <Source>
             <LocURI>https://dhruvesh.auth.hpicorp.net/services/oma-dm/rs/syncml</LocURI>
          </Source>
          <Cred>
             <Meta>
                <Format xmlns="syncml:metinf">b64</Format>
                <Type xmlns="syncml:metinf">syncml:auth-md5</Type>
             </Meta>
             <Data>jmWbonrSA6/37ziySdXG7A==</Data>
          </Cred>
       </SyncHdr>
       <SyncBody>
          <Status>
             <CmdID>1</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>0</CmdRef>
             <Cmd>SyncHdr</Cmd>
             <TargetRef>D37B7357741EF44EA285D0D6371F70AC</TargetRef>
             <Data>212</Data>
          </Status>
          <Status>
             <CmdID>2</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>2</CmdRef>
             <Cmd>Alert</Cmd>
             <Data>200</Data>
          </Status>
          <Status>
             <CmdID>3</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>3</CmdRef>
             <Cmd>Alert</Cmd>
             <Data>200</Data>
          </Status>
          <Status>
             <CmdID>4</CmdID>
             <MsgRef>1</MsgRef>
             <CmdRef>4</CmdRef>
             <Cmd>Replace</Cmd>
             <Data>200</Data>
          </Status>
          <Get>
             <CmdID>5</CmdID>
             <Item>
                <Target>
                   <LocURI>./DevDetail/SwV</LocURI>
                </Target>
             </Item>
          </Get>
          <Final />
       </SyncBody>
    </SyncML>

    FYI for others with the same problem: Also make sure that you have a <Status> with appropriate <Data>ResponseCode</Data> for each incoming <Cmd>


    Thanks for your help :)


    Thursday, March 17, 2016 11:27 AM
  • Hi Obaid,

    As you can see this question has now been resolved. Thanks for your help.

    I had another question/doubt related to SyncML and have raised another question on this forum for the same. Would appreciate if someone looks at it :)

    https://social.msdn.microsoft.com/Forums/en-US/e11b64d3-80fd-4e9d-b75d-fc49a0134049/data-that-can-be-fetched-from-client-in-mdm-syncml-session?forum=developingmdmsolutions

    And another issue that I have 

    https://social.msdn.microsoft.com/Forums/en-US/37ec91ab-3cac-4afc-b94d-13a91ac6df15/client-not-sending-cred-in-first-syncml-message?forum=wpdevelop

    Thursday, March 17, 2016 11:33 AM
  • Hello Dhruvesh : 

    Thanks for the update, we will follow up with you on other threads you have opened for further assistance.

    Regards.


    Tarun Chopra | Escalation Engineer | Open Specifications Support Team


    Thursday, March 17, 2016 3:21 PM