When enrolling wiht a mac, are you using the shorname or the FQDN? I would recomend using the FQDN that the cert has in it, as that could cause issues.
Another peice of info... I had our production server crash due to disk space, which I used profile manager for mac's only on this specific host. After the crash, I was forced to rebuild as specific services woudln't allow AD authentication to take place. I had exported the db for profile manager and re-imported it and it was corrupted.
I have never had issues exporting the collab db (wiki) and wiki calenders even with the funky permissions as it has to be re-imported back into collab.
Due to the impact of having to either re-enrolll all devices that were lost I decided to go back to legacy mode with work group maanger. I had decided that it was best to use workgroup maanger for any MAC's. It is much easier to export open directory and re-import it then having to muck wiht databases from profile maanger. Some of the things I have tried to deploy with profile manager wern't successful including profiles for 802.1x auth for wifi.
So for what proflie manager was really used for on the MAC's it wasn't worth it to put more devices on it incase of an issue in the future.
OSX 10.7 Server has a simple internet domainname such as server.domainname.com. I connect to that webserver running Profile Manager, login with the user credentials (not the admin's) and simply click 'Enroll' .
Download of ota_profile.mobileconfig and opes up System Preferences. The information in the profile shows the full FQDN and shows the certificate is 'Verified'. (I have the Trust Profile installed)
After all of this I still get the 'Profile installation failed' error. "Could not be installed due to an unexpected error". I'll try build up another server, see how this works out. Anyone perhaps know this is a glich in 10.7 and should I go for 10.8?
What version of 10.7 are you running. I didn't seem to have any major issues once I got it working wiht earlier releases of 10.7.
Normally the issues occur with iOS devices and macs are fine. Its odd your seeing so many issues with your mac. Can you do forward / reverse lookups of server.domainname.com from the client machines? Do you have any firewall policies applied between clients and the host?