Apple MDM Troubleshooting
This Knowledge base article will help you troubleshoot mdm with FileWave.
Before going deep into troubleshooting, make sure that you have got these steps correct:
-
Your FileWave server should have a fully qualified DNS name (this dns name is the one entered in the Admin Preferences->Mobile)
-
If for some reason you changed the Server DNS Name in Admin Preferences->Mobile, did you re-generate the certificate?
If you did, then you have to trust the new certificate from the enrollment page ( https://dns:20443/ios) -
If the APN cert upload fails from Admin Preferences, make sure you followed the exact steps from step 1, as this can be caused of password-protected certificate
-
If all of the above are set and still have problems, you need to create an admin user account for debugging django:
a. go to the FileWave server and type this command: "sudo fwcontrol mdm addadminuser" and follow the instructions -
Another important log file is "/usr/local/filewave/log/filewave_django.log"
-
Make sure that your FileWave Admin displays "iOS/MDM Service OK" in the left lower corner in order to be able to manage your devices.
The following are some of the problems encountered before:
Enrolment Error (FileWave MDM Configuration is invalid):
The profile "Filewave MDM Configuration" is invalid. The MDM payload
"Mobile Device Management" contains an invalid topic
This is usually solved by re-generating the APN certificates because you have not generated them correctly.
CONNECTION PROBLEMS**:**
There are cases where ios devices fail to enroll and you get an error similar to this from sentry:
error
(61, 'Connection refused')
Request Method: PUT
Request URL: https://sscfilewave.co.sbmc:20443/ios/mdm_checkin
Exception Type: error
Exception Value:
(61, 'Connection refused')
Exception Location: /usr/local/filewave/python/lib/python2.7/socket.py in meth, line 222
This error is associated with a port "2195" being closed, you can verify by :
telnet gateway.push.apple.com 2195
Trying 17.172.239.89...
telnet: connect to address 17.172.239.89: Connection refused
the issue will be solved if the IT Admin opens port 2195 for FileWave.
5223 : IOS to apn server port:
port 5223 should be open for IOS clients to reach out to the APN server and receive push notifications.
For a list of all ports used, check this man-