When you are troubleshooting an issue with MDM enrollment, it is often not clear whether the problem is with Imprivata Mobile Access Mangement or with your MDM.
Perform the following test to help you isolate the issue. There are different steps for DEP and non-DEP Workflows.
DEP Devices
- Take the affected iOS device and reset it to factory defaults.
- Without using MAM, manually tap the screens on the device to complete setup.
Important: Use the same Wi-Fi network that MAM uses, if at all possible. - Confirm that you are prompted for MDM enrollment on DEP devices.
- Confirm that the expected username and password are accepted.
After you complete the setup, check your MDM console and ensure the device shows up as expected.
- If the device is correctly enrolled, then the original issue is likely with MAM.
- If the device does not enroll in the MDM as expected, then there may be an issue with the MDM, or with a network component such as a firewall or proxy. Contact your MDM vendor for additional support.
Non-DEP Devices
- Obtain the enrollment profile currently being used by MAM.
Download the profile from the MAM console by navigating to Admin > MDMs, selecting the MDM to test, and clicking Download. - Reset your test device to factory defaults.
- Without using MAM, manually tap the screens on the device to complete setup.
Important: Use the same Wi-Fi network that MAM uses, if at all possible. - After you are past the setup screens, install the enrollment configuration profile to your device. There are several options to do this:
- If you are using a Mac, you may use AirDrop to transfer the file to the device. On the device, swipe up to reveal the control center, tap AirDrop and select Allow connections from everyone.
Then on your Mac, control-click on the profile, and choose Share > AirDrop. The Mac will search for available AirDrop destinations. Click on the name of the device — likely “iPhone” or “iPad” — to start the transfer. - For both PC and Mac, you may email the enrollment profile to a suitable email account, then use Safari on the iOS device to check webmail. Download the attached profile.
- If you are using a Mac, you may use AirDrop to transfer the file to the device. On the device, swipe up to reveal the control center, tap AirDrop and select Allow connections from everyone.
- The device should begin to install the MDM enrollment profile. Tap the screens to install the profile.
After you complete the setup, check your MDM console and ensure the device shows up as expected.
- If the device is correctly enrolled, then the original issue is likely with MAM.
- If the device does not enroll in the MDM as expected, then there may be an issue with the MDM, or with a network component such as a firewall or proxy. Contact your MDM vendor for additional support.
NOTE: This test leaves the non-DEP device unsupervised. Some MDM restrictions may not work as expected. In addition, the device will prompt you before any app installations. This behavior is expected during the test.