Anyone else having a real reliability issue with DEP/ABM lately? I don't think it's Airwatch as I am also having issues where it won't let me add devices via AC2 on occasion as well. I really feel like Apple is having issues they are not revealing.
I've definitely seen an uptick in devices that just stop responding to management. Couldn't have said it was an iOS 12 issue, but it's definitely been occurring with higher frequency over the last month or two, so it would make sense. And the Invalid Profile issue has been a real pain since for DEP devices, the only way to recover them is to do a device recovery via iTunes. With iOS 12.1 getting released yesterday, hopefully these are both fixed now. Thanks Apple! (/s)
Going to throw my 2 cents in here. The 220.127.116.11 patch (for new model iPhone Xs models) is thought to have corrupted most if not all of my DEP entries. Devices that hit DEP prior to the patch would not remove on their own when unassigned from DEP, devices that hit after the patch would for the most part remove on their own when unassigned. I have also seen issues with ' Invalid profile' enrollments and ' Connection to server could not be established' when using HUB native enrollment but for me, a fraction of my DEP devices will issue themselves a 401 'Break MDM' command after hitting DEP and enrolling in a staging users name. I have since upgraded to 18.104.22.168 and the issue still persists. For devices not removing from Console when Unassigned: When I raised a ticket, the solution they came back with was to mass reassign all of my DEP devices back to the Console, sync, then try to Unassign the ' stale' devices, sync again. This did allow me to get some functionality back in regards to devices removing from the Console on their own. I then had to go back and remove almost 100 devices manually that had been disowned but never removed. Examples below in case anyone needs to remove DEP devices manually (these commands only remove DEP entries, it does not affect an enrolled devices functionality) --Remove Single Device Delete from mobilemanagement.EnrollmentToken where DeviceSerialNumber ='inputSerialNumber' --Remove Multiple Devices delete from mobileManagement.EnrollmentToken where DeviceSerialNumber in ('inputSerialNumber','inputSerialNumber','inputSerialNumber')
For devices getting Invalid Profile or ' Connection to server could not be established' using Hub or DEP devices not enrolling correctly: Through trial and error I determined the DEP entry is causing a HUB native enrollment to give ' Invalid profile' or a ' Connection to server could not be established' and is causing my DEP devices to ' auto-Enterprise-Wipe' on enrollment (no compliance or compromised policies enabled that would enact this command....). For the Hub enrollments, I use the command above to remove the DEP entry and get the device enrolled then let the automated sync bring the device back into the Console. (these are device that were Enterprise wiped but not reset to factory)
For my DEP devices issue, its hit or miss but I Unassign from DEP and see if the entry is removed from Console, if not I manually remove, then reassign the device to DEP and sync it back in. Sucks to have to reset to factory again, but this usually corrects the DEP device issue at that time (issue seems to creep back up if device is reset and tries to re-enroll again).
Maybe one day there will be a fix but this has caused a lot of manual work for me. As I mentioned, this only seemed to come up when I applied the patch for the new iPhone Xs models.
We are seeing an uptick with DEP enrollment issues too. Users are reporting the ' invalid profile' error and some are stuck at the ' Remote Management' screen. We have also seen that the Hub app will not completely install. Anyone have an update from Apple or VMware with a root cause or fix? It's not a good user experience when we tell them to do a factory restore with iTunes.
We are having major DEP problems. Our devices come back in from the field and end up black listed (this is from Airwatch support) and I have to wait days before they will finally enroll. I worked through issues with them and just had to wait till my devices fell off the blacklist and then I could enroll. Currently that is their only answer to me. They have not told me why it is happening.
It is Airwatch support that told me they were blacklisted. My symptoms were that during the DEP profile install process they weren't getting the profile they were supposed to get, I couldn't assign them to anyone, Airwatch was giving them a strange name.
I worked with AW support and they showed me how to remove duplicate or orphan devices from the console by editing the database directly. The problem was created by 'releasing' devices from ABM (DEP) before I unassigned them.
In terms of enrollment, I had a good run... up until yesterday.
Now I'm having profile issues for devices added by AC2 - and DEP devices don't push out the 'auto' enabled applications (which annoying includes the HUB app) - so they don't fully enrol.
If I install the app and try to enrol manually it fails.
Ryan B. I have a similar issue also. I get an error that a connection to the server cannot be established. From what I have deciphered from my devices is that the device comes in via DEP, something flags the device and a ' Break MDM' command is issued to the device. It seems that the Console is detecting the device as ' assigned to another user' (in which the device IS NOT. The device shows as DISCOVERED... If I delete the device record and do one of 2 things it will succeed in the manual enrollment. 1. Unassign the device temporarily from DEP, sync device out of Console/Enrollment Status page. 2. Use DB command Delete from mobilemanagement.EnrollmentToken where DeviceSerialNumber ='SerialNumber' to remove device from DB and then upon next sync it will re-add itself. The device itself will still be Supervised after enrollment.
Airwatch finally just closed my ticket. Basically when I get a device back from the field and wipe it - I then have to wait several days and then can re-enroll it. They don't have an answer why so now this is just part of my process.
My issue with DEP/ABM started today 2/19/2019. I can add devices (iPads) using AC2 into DEP but after syncing AirWatch with DEP/ABM, the devices are not showing up in the AirWatch console. Does anyone add iPads or iOS devices into DEP using Apple Configurator 2?