Skip to end of metadata
Go to start of metadata

PROBLEM

When attempting a DEP sync in the FileWave admin → Preferences, an error: Forbidden is encountered and DEP data does not sync. This error can also show when creating DEP associations in DEP Association Management. 

ENVIRONMENT

FileWave Admin
FileWave Server
Apple DEP

RESOLUTION

There are a few potential causes of this error:

  1. There may have been a change to your server certificate. Check your Preferences → Mobile tab to ensure that your server SSL certificate is not revoked or expired.
  2. There may be a change to the external IP address of your FileWave server. 

Because the Apple DEP service performs a check to ensure that the mdm server is the same (in terms of IP address and SSL certificate) since it was last contacted, you may need to replace the DEP data at deploy.apple.com with a new public key from the FileWave server. 

You can check the "Last IP Connected" for your DEP account that is giving the error at Deploy.apple.com or school.apple.com depending on what you are using. You will select your MDM Server on Apple's site and you can see the IP listed. Below is a screen shot of where you can view that information. 

To replace your DEP information you can follow the below steps:

  1. Open the Preferences dialog in the Admin Console and select the "VPP & DEP" tab
  2. In the "Device Enrollment Program" section, click "Download certificate"
  3. Enter your fwadmin password
  4. Save the "FileWave DEP" certificate
  5. Navigate to deploy.apple.com in a browser and login
  6. Click on "Device Enrollment Program" →  "Manage Servers"
  7. Select your mdm server
  8. Click "Replace key.."
  9. Select your certificate from Step 4
  10. Click "Next"
  11. Click "Your Server Token" to download your token to your file system
  12. Click "Done", then "OK" 
  13. Click "Configure accounts"
  14. Enter your fwadmin password
  15. Select your DEP account
  16. Click "-" to remove the account
  17. Click "Close", then "OK" in the Preferences dialog to save changes
  18. Navigate back to "Preferences" → "VPP & DEP" tab
  19. Click "Configure Token"
  20. Enter your fwadmin password
  21. Click "+" to add the new token
  22. Select the token file downloaded in Step 11
  23. Click "Close"
  24. After the token is uploaded please run a full DEP sync by holding down the option/alt key and pressing synchronize in the "VPP & DEP" tab.