VMware Workspace ONE Community
yw1
Contributor
Contributor
‎03-31-2021 08:17 PM

Airwatch enroll device not approved

In Airwatch, I created user and user group. Configured some VPN profiles for this user group. Add device to this user group. Received the email and 

Then I tried to enroll my iphone with Intelligent Hub but got this error:

"Device not Approved

You are not allowed to enroll your device for the following reasons:

Device is not on approved list of devices.

This device is registered to another user. 

Contact your IT Admin  for more information. "

 

I tried deleting this device from device list from Airwatch and enroll again. Still got the same error. Any suggestions? Thanks!

 

 

Labels (1)
Labels
Reply
0 Kudos
6 Replies
ogushia
Hot Shot
Hot Shot
‎04-04-2021 08:43 PM

A typical reason for the error you mentioned is that the device-specific identifier(e.g.IMEI) of the device is registered with another user.
Check that registration status of the device.(Navigate Device > Lifcycle > Enrollment Status)

ogushia_1-1617594219984.png

 

 

 

Reply
0 Kudos
yw1
Contributor
Contributor
‎04-06-2021 06:40 PM

Hi Ogushia,

 

Thanks for the reply.

I tried following:

1. From device list, delete the device. 

2. From lifecycle->enrollment status, select the device, revoke token first, then delete the device. 

 

Then from account->Users, add device again. 

Then 

1. From Hub App, register this device

2. Sync the device. 

But the problem is that the VPN profiles will never be pushed to my iPad.

Trouble shooting log did not show any errors. 

Do u know why the profile is not pushed to my device?

Thanks a lot!

 

 

Preview file
30 KB
Reply
0 Kudos
ogushia
Hot Shot
Hot Shot
‎04-07-2021 11:51 PM

In my experience, iOS device didn't receive any profiles when APNs certificate has been expired.

As another check point, please check that if profile install commands stacked or not.

ogushia_0-1617864579461.png

 

Reply
0 Kudos
yw1
Contributor
Contributor
‎04-12-2021 12:12 PM

Hi Ogushia,

Yes you are right. My APN cert is expired. I had some problem regenerate it: 

1. Since the guy who generated it a year ago left(his apple id is not accessible for me), I have to do "regenerate" instead of "renew" it. We do not have a corporate apple id for this.

2. I log in to apple push cert portal and regenerate with the plist I downloaded form MDM. 

3. Then I uploaded the .pem cert but it always  gave me the error "Uploaded certificate mismatches with the AW certificate request". 

4. I checked here for the solustion: https://kb.vmware.com/s/article/50101005 but both of the solutions did not work for me since I don't have the old cert or the old apple id. 

Do u have any idea how should I proceed? 

Thanks!

Reply
0 Kudos
ogushia
Hot Shot
Hot Shot
‎04-16-2021 10:25 PM

Hi yw1,

Did you hit the [RENEW] button on APNs For MDM setting page in the UEM console?
If so, you need to log in to the Apple Push Certificates Portal with Apple ID that the person who left a year ago has.
When you update APNs certificate with different Apple ID, you need at first to hit [CLEAR] button, then redo certificate generation process with another Apple ID and you may need to re-enroll your Apple device.

(I've never renewed my APNs certificate with a different Apple ID, so I'm not sure if re-enroll is mandatory or not.)

Reply
0 Kudos
yw1
Contributor
Contributor
‎04-16-2021 11:31 PM

Hi Ogushia,

Yes. I tried both renew and clear renegerate with my own apple id but all go the same error. 

RIght now I opened a ticked for Apple to ask for cert transfer. Not received any response yet. 

Thanks.

 

Reply
0 Kudos