cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

enrollment incomplete on automated enrollment policy

Former Member

on ‎01-23-2015 1:39 PM

0 Kudos

Hello everyone,

We are trying to create enrollment policy (Android)  using APIs.

We are specifying parameters such as tenantid, data column (device serial no), gcm project id, group .

We have linked only 1 Application policy to the group.(No config policy linked)

We are using the domain controller to create the automated enrollment policy .

We are able to successfully create the enrollment code and tenant.

But when we enroll using that enrollment code, the device enrolls, but the entries in Afaria server and Package server are missing.

Only the Enrollment server shows the correct server address.

Because of this, the device cannot connect to the server again. (taking address 0.0.0.0/XNET)

So to test it, We  created an enrollment code manually on the same enrollment policy.

We used the automated enrollment code to re-enroll the device.

To our surprise, the devices gets enrolled successfully and we are able to connect back to the server.

The afaria, enrollment and package components are on same server and we use a Relay server.

Are we missing out on something? What all more parameters are required for full enrollment?

Any help/suggestions would be appreciated.

Attached are the screenshots on client after enrolling using the automated enrollment code.

Regards,

Suraj

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (1)

Answers (1)

jtaylor
Active Participant
‎01-23-2015 3:02 PM
0 Kudos

Do you mind posting what you have so far for creating the policy? I can check it to see what/if something was missed... I don't have an examples ready immediately.

Show replies
Show replies
Former Member
‎01-27-2015 6:38 AM
0 Kudos

Do you mean the codes?



//Create Android Policy

  1. AfariaServicePolicy.DataState state_android = svc1.CreatePolicy(AfariaServicePolicy.PolicyType.Enrollment, AfariaServicePolicy.PolicySubtype.None, AfariaServicePolicy.SupportedClients.Android);

AfariaServicePolicy.PolicyInfo _newPolicyandroid = new AfariaServicePolicy.PolicyInfo();

_newPolicyandroid.Name = policyNameandroid;

                _newPolicyandroid.Description = policyNameandroid;

                _newPolicyandroid.PolicyType = AfariaServicePolicy.PolicyType.Enrollment;

                _newPolicyandroid.Enabled = true;

_newPolicyandroid.SupportedClients = AfariaServicePolicy.SupportedClients.Android;

                svc1.SetPolicyInfo(state_android, _newPolicyandroid);

svc1.SavePolicy(state_android, false);

AfariaServicePolicy.EnrollmentCode[] _enCodes_android = new AfariaServicePolicy.EnrollmentCode[1];

AfariaServicePolicy.EnrollmentCode _enCode_android = svc1.EnrollmentCreateEnrollmentCode(state_android, AfariaServicePolicy.UrlShorteningService.TinyUrl);

_enCodes_android[0] = _enCode_android;

                AfariaServicePolicy.EnrollmentPolicySettingsAndroid _enrollSettandroid = new AfariaServicePolicy.EnrollmentPolicySettingsAndroid();

GroupService.Group androidGroup = SearchForAndroidGroup(tenantId, groupNameAndroid);

                _enrollSettandroid.Groups = new int[1];

_enrollSettandroid.Groups[0] = androidGroup.GroupId;

_enrollSettandroid.EnrollmentCodes = _enCodes_android;

//Including GCM project id for the enrollment policy.

_enrollSettandroid.IncludeC2dmAccount = true;

//connect after installing the device.

_enrollSettandroid.ConnectAfterInstall = true;

_enrollSettandroid.ClientNameOption = ClientName.DeviceSerialNumber;      

svc1.EnrollmentSetPolicySettings(state_android, _enrollSettandroid);

svc1.SetPolicyInfo(state_android, _newPolicyandroid);

                svc1.SavePolicy(state_android, true);

// Group assignment to Policy.

List<AfariaServicePolicy.EnrollUserPrompt> _myPromptandroid = new

List<AfariaServicePolicy.EnrollUserPrompt>();

foreach (AfariaServicePolicy.EnrollUserPrompt _promptandroid in _myEnrollUserPromptList)

{

                    if (_promptandroid.Name.Contains("Exchange"))

                    {

_myPromptandroid.Add(_promptandroid);

                    }

                }

                _enrollSett.UserPrompts = _myPromptandroid.ToArray();

                List<int> _mylistAndroid = new List<int>();

var groupid = 0;

foreach (GroupService.Group _myGroup in _groupList.Groups)

{

if (_myGroup.GroupName.Contains(groupNameAndroid))

{

_mylistAndroid.Add(_myGroup.GroupId);

                        groupid = _myGroup.GroupId;

}

}

                _enrollSett.Groups = _mylistAndroid.ToArray();

//Creating Application Policy for Android.

AfariaServicePolicy.DataState policyState = svc1.CreatePolicy(PolicyType.Application, PolicySubtype.ApplicationIndirectlyHosted, AfariaServicePolicy.SupportedClients.Android);

AfariaServicePolicy.PolicyInfo _newPolicyApp = new AfariaServicePolicy.PolicyInfo();

_newPolicyApp.Name = TenantName + "_AppMarket";

_newPolicyApp.Description = TenantName + "_AppMarket";

_newPolicyApp.PolicySubtype = PolicySubtype.ApplicationIndirectlyHosted;

_newPolicyApp.PolicyType = AfariaServicePolicy.PolicyType.Application;

                _newPolicyApp.Enabled = true;

_newPolicyApp.SupportedClients = AfariaServicePolicy.SupportedClients.Android;

AfariaServicePolicy.AppIndirectlyHostedPolicySettingsAndroidV002 _appInd = new AppIndirectlyHostedPolicySettingsAndroidV002();

_appInd.StoreId = "com.sap.sapstore";

_appInd.Validate = false;

svc1.ApplicationSetPolicySettingsV002(policyState, _appInd);

svc1.SetPolicyInfo(policyState, _newPolicyApp);

svc1.SavePolicy(policyState, true);

int[] arr1 = new int[] { groupid };

svc1.SetGroups(policyState, arr1);

svc1.SavePolicy(policyState, true);


Even if I edit the enrollment policy in the admin console, I am able to enroll the device.



Regards,

Suraj



jtaylor
Active Participant
‎01-27-2015 11:14 PM
0 Kudos

Immediately, this looks fine to me, except for maybe one thing. The serveraddress in the _enrollSettandroid may not be set, so maybe setting it by " _enrollSettandroid.ServerAddress = _enrollSettandroid.DefaultServerAddress;" may work... but I'm playing around with it on my system and I'll let you know what I find.

Just to be sure, when the enrollment policy is created manually through the administrator, were you using the same tenant as the policy was created on? I am not sure why this would make a difference, but I wanted to make certain.

Former Member
‎01-28-2015 6:39 AM
0 Kudos

Hi John,

About your query--> when the enrollment policy is created manually through the administrator, were you using the same tenant as the policy was created on?

Yes we were using the same tenant as the policy. (we were editing the same policy as well and saving and it works as well)


Regards,

Suraj


jtaylor
Active Participant
‎01-28-2015 5:02 PM
0 Kudos

Hi Suraj, I think the problem is that you were overwriting some important data when you created the new PolicyInfo or the EnrollmentPolicySettingsAndroid. Try the following, which worked for me.

*note that you'll need to modify the server context, domain/user/password.



static void Main(string[] args)


{


   PolicyServiceClient svcPolicy = new PolicyServiceClient("NetTcpBinding_IPolicyService");


   svcPolicy.ClientCredentials.Windows.ClientCredential.Domain = "mydomain";


   svcPolicy.ClientCredentials.Windows.ClientCredential.UserName = "afaria";


   svcPolicy.ClientCredentials.Windows.ClientCredential.Password = "Afaria";


   ContextInfo ci = svcPolicy.InitContext(Guid.NewGuid().ToString("N"));


   Console.WriteLine("Now connected to server with contextID=" + ci.ContextId);


   svcPolicy.SetTenantIdContext(0);


   svcPolicy.SetServerIdContext("3i)oa");




   DataState state = svcPolicy.CreatePolicy(PolicyType.Enrollment, PolicySubtype.None, SupportedClients.Android);


   PolicyInfo policyInfo = svcPolicy.GetPolicyInfo(state);


   policyInfo.Name = "Test Android Enrollment " + ci.ContextId;//add the context ID to make unique policy


   policyInfo.Enabled = true;


   svcPolicy.SetPolicyInfo(state, policyInfo);




   EnrollmentCode eCode = svcPolicy.EnrollmentCreateEnrollmentCode(state, UrlShorteningService.TinyUrl);


   policyInfo.Description = eCode.Code;


   Console.WriteLine("New enrollment code: " + eCode.Code);


   EnrollmentPolicySettingsAndroid policySetAndroid = (EnrollmentPolicySettingsAndroid)svcPolicy.EnrollmentGetPolicySettings(state);


   policySetAndroid.Groups = new int[] { 1 };


   policySetAndroid.EnrollmentCodes = new EnrollmentCode[] { eCode };


   policySetAndroid.IncludeC2dmAccount = true;


   policySetAndroid.ConnectAfterInstall = true;


   policySetAndroid.ClientNameOption = ClientName.UserName;


   svcPolicy.EnrollmentSetPolicySettings(state, policySetAndroid);


   svcPolicy.SetPolicyInfo(state, policyInfo);


   svcPolicy.SavePolicy(state, false);






   svcPolicy.CloseContext();


   svcPolicy.Close();


   Console.Write("Press any key to exit...");


   Console.ReadKey();


}
Former Member
‎01-29-2015 9:27 AM
0 Kudos

Hi John,

With the help of your code lines, we tried our again.

Here only an enrollment policy gets created and after enrollment I get details about the afaria and enrollment server.

As no group is created, I cannot connect back to server.

Could you share lines for package/application and groups?

Attaching the client screenshots for refernce

Regards,

Suraj

jtaylor
Active Participant
‎01-29-2015 8:19 PM
0 Kudos

Have you tried your code by merging the changes above into your code?

AfariaServicePolicy.PolicyInfo _newPolicyandroid = newAfariaServicePolicy.PolicyInfo();

should become:

AfariaServicePolicy.PolicyInfo _newPolicyandroid = svc1.GetPolicyInfo(state_android);



and



AfariaServicePolicy.EnrollmentPolicySettingsAndroid_enrollSettandroid = newAfariaServicePolicy.EnrollmentPolicySettingsAndroid(state_android);

should become:

AfariaServicePolicy.EnrollmentPolicySettingsAndroid_enrollSettandroid = (EnrollmentPolicySettingsAndroid)svc1.EnrollmentGetPolicySettings(state_android);

For the application policy, it is also likely that you have to get the policy settings by calling:

AfariaServicePolicy.AppIndirectlyHostedPolicySettingsAndroidV002 _appInd = svc1.ApplicationGetPolicySettingsV002(policystate);

instead of calling:

AfariaServicePolicy.AppIndirectlyHostedPolicySettingsAndroidV002 _appInd =new AppIndirectlyHostedPolicySettingsAndroidV002();



and


AfariaServicePolicy.PolicyInfo _newPolicyApp = newAfariaServicePolicy.PolicyInfo();

instead of:

AfariaServicePolicy.PolicyInfo _newPolicyApp = svc1.GetPolicyInfo(policystate)


Former Member
‎01-30-2015 1:37 PM
0 Kudos

Hi John,

Have you tried your code by merging the changes above into your code?

We tested the enrollment with help of code lines that you shared.And it has worked for us.

Only thing is that when we used our codes for application policy.. it works only for All devices group and not to particular static groups.

Any help on that?

We are yet to try with code for app policy that you used.

jtaylor
Active Participant
‎02-03-2015 3:48 PM
0 Kudos

When you tried your code, if you inspected the group in the Afaria Administrator, did the group appear to be associated with the policy? Is the device also getting assigned to that same group when viewed in the Afaria Admin? Your code appears correct, though you lookup the groupID twice, once in the enrollment policy creation and once before the application policy... since they use the same lookup string, I assume it returns the same IDs.

When you assigned to the all device group, did you do so through the administrator or do so in a different way from this code?

Former Member
‎02-04-2015 6:10 AM
0 Kudos


If we link the static group created (through code) to the Application policy (already linked to enrollment policy), the application policy is not pushed to the client even though the enrollment is successful.


So we linked the 'All devices group' to the application policy and tried.

That worked correctly.

We assigned it to the all devices group through the 'Code'


BR,

Suraj Nair

jtaylor
Active Participant
‎02-04-2015 9:07 PM
0 Kudos

I'm not certain why you're having difficulty with your code at this time. I added code which mimics yours to my previous example and it is showing up in the available apps, even though linked with a dynamic group and another time with a static group.

Here is my code for reference:



static void Main(string[] args)


{


   int groupID = 11;


   string appID = "com.sap.sapstore";




   PolicyServiceClient svcPolicy = new PolicyServiceClient("NetTcpBinding_IPolicyService");


   svcPolicy.ClientCredentials.Windows.ClientCredential.Domain = "mydomain";


   svcPolicy.ClientCredentials.Windows.ClientCredential.UserName = "afaria";


   svcPolicy.ClientCredentials.Windows.ClientCredential.Password = "Afaria";


   ContextInfo ci = svcPolicy.InitContext(Guid.NewGuid().ToString("N"));


   Console.WriteLine("Now connected to server with contextID=" + ci.ContextId);


   svcPolicy.SetTenantIdContext(0);


   svcPolicy.SetServerIdContext("3i)oa");




   //-----------------------------------------------------------------------------------------------------


   //New Enrollment Policy


   //-----------------------------------------------------------------------------------------------------




   DataState statePolicyEnrollment = svcPolicy.CreatePolicy(PolicyType.Enrollment, PolicySubtype.None, SupportedClients.Android);


   PolicyInfo policyInfo = svcPolicy.GetPolicyInfo(statePolicyEnrollment);


   policyInfo.Name = "Test Android Enrollment " + ci.ContextId;//add the context ID to make unique policy


   policyInfo.Enabled = true;


   svcPolicy.SetPolicyInfo(statePolicyEnrollment, policyInfo);




   EnrollmentCode eCode = svcPolicy.EnrollmentCreateEnrollmentCode(statePolicyEnrollment, UrlShorteningService.TinyUrl);


   policyInfo.Description = eCode.Code;


   Console.WriteLine("New enrollment code: " + eCode.Code);


   EnrollmentPolicySettingsAndroid policySetAndroid = (EnrollmentPolicySettingsAndroid)svcPolicy.EnrollmentGetPolicySettings(statePolicyEnrollment);


   policySetAndroid.Groups = new int[] { groupID };


   policySetAndroid.EnrollmentCodes = new EnrollmentCode[] { eCode };


   policySetAndroid.IncludeC2dmAccount = true;


   policySetAndroid.ConnectAfterInstall = true;


   policySetAndroid.ClientNameOption = ClientName.UserName;


   svcPolicy.EnrollmentSetPolicySettings(statePolicyEnrollment, policySetAndroid);


   svcPolicy.SetPolicyInfo(statePolicyEnrollment, policyInfo);


   svcPolicy.SavePolicy(statePolicyEnrollment, false);


   svcPolicy.Release(statePolicyEnrollment);




   //-----------------------------------------------------------------------------------------------------


   //New App Policy


   //-----------------------------------------------------------------------------------------------------


   DataState statePolicyApp = svcPolicy.CreatePolicy(PolicyType.Application, PolicySubtype.ApplicationIndirectlyHosted, SupportedClients.Android);


   PolicyInfo appPolicyInfo = svcPolicy.GetPolicyInfo(statePolicyApp);


   appPolicyInfo.Name = "Test Android App Store" + ci.ContextId;//add the context ID to make unique policy


  


   AppIndirectlyHostedPolicySettingsAndroidV002 appPolicySet = (AppIndirectlyHostedPolicySettingsAndroidV002)svcPolicy.ApplicationGetPolicySettingsV002(statePolicyApp);


   appPolicySet.StoreId = appID;


   appPolicySet.Validate = false;


   svcPolicy.ApplicationSetPolicySettingsV002(statePolicyApp, appPolicySet);


   svcPolicy.SetPolicyInfo(statePolicyApp, appPolicyInfo);


   svcPolicy.SetGroups(statePolicyApp, new int[] { groupID });


   svcPolicy.SavePolicy(statePolicyApp, false);


   svcPolicy.Release(statePolicyApp);




   svcPolicy.CloseContext();


   svcPolicy.Close();


   Console.Write("Press any key to exit...");


   Console.ReadKey();


}
jtaylor
Active Participant
‎02-10-2015 10:18 PM
0 Kudos

Suraj, did my example work for you? Did you have any further questions regarding this? I may be out of touch for a little while soon, so I wanted to follow up with you before then.

Ask a Question