What's new
Forums on Intune, SCCM, and Windows 11

Welcome to the forums. Register a free account today to become a member! Once signed in, you'll be able to participate on this site by adding your topics and posts, as well as connect with other members through your own private inbox!

PENDING SCCM Mac Enrollment error

Y

Yaseen Kriel

New Member
Messages
4
Reaction score
1
Points
3
I am trying to configure client settings within SCCM for MAC enrollment and when I get to the part where I have to set up the profile I get the following error:

upload_2017-11-9_11-17-11.png
 
Sort by date Sort by votes
Hi Yaseen Kriel,

Do you already created a authenticated session certificate template on you PKI server? Refer to this: (1) and this (2).
The installation of your inscription point and your inscription proxy point was successfully?
 
Last edited:
Upvote 0 Downvote
Can you check in your Management Point Properties if the option for support mobile device and MAC computers is enabled?
 
Upvote 0 Downvote
Hello Guys, i have a problem, i have recreated all the certificates on our serves, but the macs still get the following error (see attached). can you help.
 

Attachments

  • sccmMACError.jpg
    sccmMACError.jpg
    31.3 KB · Views: 6
Upvote 0 Downvote
Did you change the certificate for the inscription of your MAC clients on your Default Client Settings?
 
Upvote 0 Downvote
Hello Youssef, thats all working now, but now i get the following: The devices enroll, but it says certificate no found, and on the server i get this:

MP Control Manager detected management point is not responding to HTTP requests. The HTTP status code and text is 403, Forbidden.

Possible cause: Management point encountered an error when connecting to SQL Server.
Solution: Verify that the SQL Server is properly configured to allow Management Point access. Verify that management point computer account or the Management Point Database Connection Account is a member of Management Point Role (smsdbrole_MP) in the SQL Server database.

Possible cause: The SQL Server Service Principal Names (SPNs) are not registered correctly in Active Directory
Solution: Ensure SQL Server SPNs are correctly registered. Review Q829868.

Possible cause: Internet Information Services (IIS) isn't configured to listen on the ports over which the site is configured to communicate.
Solution: Verify that the designated Web Site is configured to use the same ports which the site is configured to use.

Possible cause: The designated Web Site is disabled in IIS.
Solution: Verify that the designated Web Site is enabled, and functioning properly.

Possible cause: The MP ISAPI Application Identity does not have the requisite logon privileges.
Solution: Verify that the account that the MP ISAPI is configured to run under has not been denied batch logon rights through group policy.

For more information, refer to Microsoft Knowledge Base article 838891.
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

  • PENDING Connection Point Server Disconnected
  • Microsoft Intune August 2025 Update (Service Release 2508)
  • SOLVED Updates showing up as not required.
  • NEW Software Center Client -- Compatibility Assessment --Error
  • Fix WSUS error code 0x80240069 for Update KB5063878 deployment

    • Forum statistics

    Threads
    7,050
    Messages
    27,546
    Members
    17,759
    Latest member
    Molly

    Latest posts

    Trending content
    Back
    Top