DEP/ADE Forbidden Error

Description

OnWhen creating an ADE (~~Formerlly known as~~formerly DEP) ~~Association~~association or ~~from~~running ~~any other~~another ADE ~~synchronisation~~synchronization action, ~~the following error~~FileWave may beshow ~~observed:~~this error: DEP error: Forbidden.

The most likely causes are:

The FileWave Server SSL certificate ~~change.~~changed. Check Preferences > Mobile ~~tab~~ to ~~ensure~~confirm that the server SSL certificate is not revoked or expired.
~~A change to the~~The external IP address of the FileWave ~~Server.~~Server changed.

Apple ~~store~~stores the external IP address of the FileWave Server from the last successful contact. If ~~this~~that IP address differs atduring ~~the time of a synchronisation ,~~synchronization, the action ~~will~~can fail and the ADE Server Token ~~will need to~~must be replaced.

~~The~~You can check the stored IP ~~may~~address ~~be observed from~~in the relevant ADE account:

~~The Last Date and IP Connected may be seen from~~In the Apple portal, open Settings ~~view;~~, select the MDM ~~Server~~server, and choose ~~Edit.~~Edit. The Last Date Connected and Last IP Connected values appear in the MDM Server Information view.

Requirements

FileWave MDM ADE ~~Certificate~~certificate

Resolution

A Forbidden error requires replacing the ~~token~~ADE beServer ~~replaced and~~Token, not ~~updated.~~updating it in place.

~~From~~In FileWave ~~Admin~~Central, >go to Preferences > VPP & ~~ADE:~~ADE:

Choose 'Download ~~certificate'~~certificate (requires the fwadmin password) toand save the ~~certificate~~certificate.

~~From~~In the relevant Apple ADE ~~account~~account, Apple Business Manager or Apple School Manager:

Select ~~'Settings'~~Settings.
Highlight the MDM server from the list and choose Edit.
Select 'Upload New...' and select the ~~saved~~certificate downloaded ~~file~~ from ~~above~~FileWave.
When prompted, ~~select to~~ download the ADE Server ~~Token~~Token.

~~From~~Back in FileWave ~~Admin~~Central, go >to Preferences > VPP & ~~ADE:~~ADE:

Click 'Configure ~~Accounts'~~Accounts (requires the fwadmin password).
Select the Forbidden token and use the '-' button to remove ~~that token~~it.
Select the '+' button toand ~~select~~choose the ADE Server Token downloaded from ~~Apple~~Apple.
Run aan ADE ~~Synchronisation~~ Full ~~Sync~~Sync. (Hold ~~down~~Alt/Option ~~ALT(macOS),~~while ~~Option(Windows)),~~choosing ~~then select to synchronise (~~the ~~name~~synchronization ofaction; the button ~~will~~name ~~change)~~changes to indicate a full sync.

AtAfter ~~this~~the ~~stage~~token ~~synchronisation~~is replaced and the full sync completes, synchronization should ~~now be successful.~~succeed.

If the ADE Server Token is currently configured in the Education tab of Preferences, ~~this~~remove that association ~~will need to be removed prior to~~before removing the ADE ~~token,~~token. ~~but~~You ~~may~~can beadd ~~re-added~~it again ~~afterwards.~~afterward.