I have an Afaria and SUP installation, with a Relay Server and ISA Server.
I've integrated Afaria with Active Directory and it works with Android devices. When I re-install de iphoneserver component with "Afaria server managed authentication" option, and try to enroll an iOS device it fails, I receive a message of incorrect enrollment code. In this moment Android enrollment works and it fails in iOS.
If I change the "Authentication Delegation" on the IAS server from "No delegation, and client cannot authenticate directly" to "No delegation, but client may authenticate directly", iOS enrollment works, authentication credentials are requested and the MDM profile is installed. Unfortunately, with this change on the ISA Server the Android enrollment fails. In this moment, when I try to enroll an Android device, authentication credentials are requested. After enter the autenthication credentials the user receive a message of incorrect credential. I know the credentials entered are correct because are de same that worked before the change on the ISA Server.
Thus, my mainly question is how i must configure ISA Server with the next options:
- "No delegation, and client cannot authenticate directly"
- "No delegation, but client may authenticate directly"
Can anyone help me?
Thanks in advance
Tags edited by: Michael Appleby