In Airwatch, I created user and user group. Configured some VPN profiles for this user group. Add device to this user group. Received the email and
Then I tried to enroll my iphone with Intelligent Hub but got this error:
"Device not Approved
You are not allowed to enroll your device for the following reasons:
Device is not on approved list of devices.
This device is registered to another user.
Contact your IT Admin for more information. "
I tried deleting this device from device list from Airwatch and enroll again. Still got the same error. Any suggestions? Thanks!
A typical reason for the error you mentioned is that the device-specific identifier(e.g.IMEI) of the device is registered with another user.
Check that registration status of the device.(Navigate Device > Lifcycle > Enrollment Status)
Hi Ogushia,
Thanks for the reply.
I tried following:
1. From device list, delete the device.
2. From lifecycle->enrollment status, select the device, revoke token first, then delete the device.
Then from account->Users, add device again.
Then
1. From Hub App, register this device
2. Sync the device.
But the problem is that the VPN profiles will never be pushed to my iPad.
Trouble shooting log did not show any errors.
Do u know why the profile is not pushed to my device?
Thanks a lot!
In my experience, iOS device didn't receive any profiles when APNs certificate has been expired.
As another check point, please check that if profile install commands stacked or not.
Hi Ogushia,
Yes you are right. My APN cert is expired. I had some problem regenerate it:
1. Since the guy who generated it a year ago left(his apple id is not accessible for me), I have to do "regenerate" instead of "renew" it. We do not have a corporate apple id for this.
2. I log in to apple push cert portal and regenerate with the plist I downloaded form MDM.
3. Then I uploaded the .pem cert but it always gave me the error "Uploaded certificate mismatches with the AW certificate request".
4. I checked here for the solustion: https://kb.vmware.com/s/article/50101005 but both of the solutions did not work for me since I don't have the old cert or the old apple id.
Do u have any idea how should I proceed?
Thanks!
Hi yw1,
Did you hit the [RENEW] button on APNs For MDM setting page in the UEM console?
If so, you need to log in to the Apple Push Certificates Portal with Apple ID that the person who left a year ago has.
When you update APNs certificate with different Apple ID, you need at first to hit [CLEAR] button, then redo certificate generation process with another Apple ID and you may need to re-enroll your Apple device.
(I've never renewed my APNs certificate with a different Apple ID, so I'm not sure if re-enroll is mandatory or not.)
Hi Ogushia,
Yes. I tried both renew and clear renegerate with my own apple id but all go the same error.
RIght now I opened a ticked for Apple to ask for cert transfer. Not received any response yet.
Thanks.