Thank you for the reply.
Client and server time is synchronized. Client actually gets it's time from the server.
Upon enrolling the device... there is a server side error:
Sep 1 12:08:34 server.company.com ReportCrash[10525]: failed
looking up LS service ( scCreateSystemService returned MACH_PORT_NULL, called from SetupCoreApplicationServicesCommunicationPort, so using client-side NULL calls.
Sep 1 12:08:34 server.company.com ReportCrash[10525]: LaunchServices/5123589: Unable to lookup coreservices session port for session 0x186a0 uid=0 euid=0
Here is the stream:
Sep 1 12:08:32 server.company.com xscertd[10518]: Received connection from 10.0.0.220:50603
Sep 1 12:08:32 server.company.com xscertd[10518]: Received request from 10.0.0.220:50603
Sep 1 12:08:32 server.company.com xscertd[10518]: Processing request from 10.0.0.220:50603 of /scep/?operation=GetCACaps...
Sep 1 12:08:32 server.company.com xscertd[10518]: Returning response with code 200 to 10.0.0.220:50603
Sep 1 12:08:32 server.company.com xscertd[10518]: Received connection from 10.0.0.220:50604
Sep 1 12:08:32 server.company.com xscertd[10518]: Received request from 10.0.0.220:50604
Sep 1 12:08:32 server.company.com xscertd[10518]: Processing request from 10.0.0.220:50604 of /scep/?operation=GetCACert...
Sep 1 12:08:32 server.company.com xscertd[10518]: Returning response with code 200 to 10.0.0.220:50604
Sep 1 12:08:33 server.company.com kdc[52]: AS-REQ _ldap_replicator@server.company.COM from 127.0.0.1:53316 for krbtgt/server.company.COM@server.company.COM
Sep 1 12:08:33 --- last message repeated 1 time ---
Sep 1 12:08:33 server.company.com kdc[52]: Client sent patypes: REQ-ENC-PA-REP
Sep 1 12:08:33 server.company.com kdc[52]: Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ
Sep 1 12:08:33 server.company.com kdc[52]: AS-REQ _ldap_replicator@server.company.COM from 127.0.0.1:52283 for krbtgt/server.company.COM@server.company.COM
Sep 1 12:08:33 --- last message repeated 1 time ---
Sep 1 12:08:33 server.company.com kdc[52]: Client sent patypes: ENC-TS, REQ-ENC-PA-REP
Sep 1 12:08:33 server.company.com kdc[52]: ENC-TS pre-authentication succeeded -- _ldap_replicator@server.company.COM
Sep 1 12:08:33 server.company.com kdc[52]: Client supported enctypes: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, des3-cbc-sha1, arcfour-hmac-md5, using aes256-cts-hmac-sha1-96/aes256-cts-hmac-sha1-96
Sep 1 12:08:33 server.company.com kdc[52]: Requested flags: forwardable
Sep 1 12:08:33 server.company.com xscertd[10518]: Received connection from 10.0.0.220:50605
Sep 1 12:08:33 server.company.com xscertd[10518]: Received request from 10.0.0.220:50605
Sep 1 12:08:33 server.company.com xscertd[10518]: Processing request from 10.0.0.220:50605 of /scep/?operation=PKIOperat...
Sep 1 12:08:33 server.company.com xscertd[10518]: Received PKCSReq from 10.0.0.220:50605
Sep 1 12:08:34 server.company.com xscertd[10518]: Request from 10.0.0.220:50605 succeeded, returning Success status
Sep 1 12:08:34 server.company.com xscertd[10518]: Returning response with code 200 to 10.0.0.220:50605
Sep 1 12:08:34 server.company.com ReportCrash[10525]: DebugSymbols was unable to start a spotlight query: spotlight is not responding or disabled.
Sep 1 12:08:34 server.company.com ReportCrash[10525]: failed looking up LS service ( scCreateSystemService returned MACH_PORT_NULL, called from SetupCoreApplicationServicesCommunicationPort, so using client-side NULL calls.
Sep 1 12:08:34 server.company.com ReportCrash[10525]: LaunchServices/5123589: Unable to lookup coreservices session port for session 0x186a0 uid=0 euid=0
Sep 1 12:08:34 server.company.com ReportCrash[10525]: failed looking up LS service ( scCreateSystemService returned MACH_PORT_NULL, called from SetupCoreApplicationServicesCommunicationPort, so using client-side NULL calls.
Sep 1 12:08:34 server.company.com ReportCrash[10525]: LaunchServices/5123589: Unable to lookup coreservices session port for session 0x186a0 uid=0 euid=0
Sep 1 12:08:34 server.company.com ReportCrash[10525]: failed looking up LS service ( scCreateSystemService returned MACH_PORT_NULL, called from SetupCoreApplicationServicesCommunicationPort, so using client-side NULL calls.
Sep 1 12:08:34 server.company.com ReportCrash[10525]: LaunchServices/5123589: Unable to lookup coreservices session port for session 0x186a0 uid=0 euid=0
Sep 1 12:08:34 server.company.com ReportCrash[10525]: failed looking up LS service ( scCreateSystemService returned MACH_PORT_NULL, called from SetupCoreApplicationServicesCommunicationPort, so using client-side NULL calls.
Sep 1 12:08:34 server.company.com ReportCrash[10525]: LaunchServices/5123589: Unable to lookup coreservices session port for session 0x186a0 uid=0 euid=0
Sep 1 12:08:34 server.company.com ReportCrash[10525]: failed looking up LS service ( scCreateSystemService returned MACH_PORT_NULL, called from SetupCoreApplicationServicesCommunicationPort, so using client-side NULL calls.
Sep 1 12:08:34 server.company.com ReportCrash[10525]: LaunchServices/5123589: Unable to lookup coreservices session port for session 0x186a0 uid=0 euid=0
Sep 1 12:08:34 server.company.com xscertd[10518]: Failed sending RemoveKeyFromKeychain command to com.apple.xscertd.helper: Connection interrupted
Sep 1 12:08:34 server com.apple.launchd[1] (com.apple.xscertd-helper[10519]): Job appears to have crashed: Segmentation fault: 11
Sep 1 12:08:35 server.company.com ReportCrash[10525]: Saved crash report for xscertd-helper[10519] version 53 to /Library/Logs/DiagnosticReports/xscertd-helper_2012-09-01-120835_server.crash
Sep 1 12:08:35 server.company.com ReportCrash[10525]: Removing excessive log: file://localhost/Library/Logs/DiagnosticReports/xscertd-helper_2012-08-31-123821_server.crash
Sep 1 12:08:35 server.company.com php-fpm[3963]: DMX-EXT: signerIndex = 0, signStatus = 1
Sep 1 12:08:35 server.company.com xscertd[10518]: Received connection from 127.0.0.1:52989
Sep 1 12:08:35 server.company.com xscertd[10518]: Received request from 127.0.0.1:52989
Sep 1 12:08:35 server.company.com xscertd[10518]: Processing request from 127.0.0.1:52989 of /scep/?operation=GetCACaps...
Sep 1 12:08:35 server.company.com xscertd[10518]: Returning response with code 200 to 127.0.0.1:52989
Sep 1 12:08:35 server.company.com xscertd[10518]: Received connection from 127.0.0.1:52990
Sep 1 12:08:35 server.company.com xscertd[10518]: Received request from 127.0.0.1:52990
Sep 1 12:08:35 server.company.com xscertd[10518]: Processing request from 127.0.0.1:52990 of /scep/?operation=GetCACert...
Sep 1 12:08:35 server com.apple.launchd[1] (com.apple.xscertd-helper): Throttling respawn: Will start in 7 seconds
Sep 1 12:08:42 server.company.com xscertd-helper[10531]: Starting xscertd-helper/1.1.0 (MacOS X Server)
Sep 1 12:08:42 server.company.com xscertd[10518]: Returning response with code 200 to 127.0.0.1:52990
Sep 1 12:08:42 server.company.com kdc[52]: AS-REQ server.company.com$@server.company.COM from 127.0.0.1:49294 for krbtgt/server.company.COM@server.company.COM
Sep 1 12:08:42 --- last message repeated 1 time ---
Sep 1 12:08:42 server.company.com kdc[52]: Client sent patypes: REQ-ENC-PA-REP
Sep 1 12:08:42 server.company.com kdc[52]: Need to use PA-ENC-TIMESTAMP/PA-PK-AS-REQ
Sep 1 12:08:42 server.company.com kdc[52]: AS-REQ server.company.com$@server.company.COM from 127.0.0.1:59038 for krbtgt/server.company.COM@server.company.COM
Sep 1 12:08:42 --- last message repeated 1 time ---
Sep 1 12:08:42 server.company.com kdc[52]: Client sent patypes: ENC-TS, REQ-ENC-PA-REP
Sep 1 12:08:42 server.company.com kdc[52]: ENC-TS pre-authentication succeeded -- server.company.com$@server.company.COM
Sep 1 12:08:42 server.company.com kdc[52]: Client supported enctypes: aes256-cts-hmac-sha1-96, aes128-cts-hmac-sha1-96, des3-cbc-sha1, arcfour-hmac-md5, using aes256-cts-hmac-sha1-96/aes256-cts-hmac-sha1-96
Sep 1 12:08:42 server.company.com kdc[52]: Requested flags: forwardable
Sep 1 12:08:42 server.company.com kdc[52]: TGS-REQ server.company.com$@server.company.COM from 127.0.0.1:53267 for host/server.company.com@server.company.COM [canonicalize]
Sep 1 12:08:42 server.company.com kdc[52]: TGS-REQ server.company.com$@server.company.COM from 127.0.0.1:56209 for ldap/server.company.com@server.company.COM [canonicalize]
Sep 1 12:08:42 server.company.com xscertd[10518]: Received connection from 127.0.0.1:52999
Sep 1 12:08:42 server.company.com xscertd[10518]: Received request from 127.0.0.1:52999
Sep 1 12:08:42 server.company.com xscertd[10518]: Processing request from 127.0.0.1:52999 of /scep/?operation=GetCACaps...
Sep 1 12:08:42 server.company.com xscertd[10518]: Returning response with code 200 to 127.0.0.1:52999
Sep 1 12:08:42 server.company.com xscertd[10518]: Received connection from 127.0.0.1:53000
Sep 1 12:08:42 server.company.com xscertd[10518]: Received request from 127.0.0.1:53000
Sep 1 12:08:42 server.company.com xscertd[10518]: Processing request from 127.0.0.1:53000 of /scep/?operation=GetCACert...
Sep 1 12:08:42 server.company.com xscertd[10518]: Returning response with code 200 to 127.0.0.1:53000
Sep 1 12:08:42 server.company.com xscertd[10518]: Received connection from 127.0.0.1:53001
Sep 1 12:08:42 server.company.com xscertd[10518]: Received request from 127.0.0.1:53001
Sep 1 12:08:42 server.company.com xscertd[10518]: Processing request from 127.0.0.1:53001 of /scep/?operation=PKIOperat...
Sep 1 12:08:42 server.company.com xscertd[10518]: Received GetChallengePassword from 127.0.0.1:53001
Sep 1 12:08:42 server.company.com xscertd[10518]: Request from 127.0.0.1:53001 succeeded, returning Success status
Sep 1 12:08:42 server.company.com xscertd[10518]: Returning response with code 200 to 127.0.0.1:53001
==> /Library/Logs/ProfileManager/php.log <==
0::Sep 01 13:08:42.519 [3963] <10.0.0.220> No signing certificate specified, unable to sign.
0::Sep 01 13:08:42.519 [3963] <10.0.0.220> Completed in 7373ms | 200 OK [https://server.company.com/devicemanagement/mdm/ota_service.php]
And eventually server side
Sep 1 12:20:50 server.company.com ProfileManager[10572] : @@@ DemandCommand.execute: PGError: ERROR: could not serialize access due to concurrent update
: UPDATE "devices"
SET "last_profile_send_time" = '2012-09-01 19:20:50.177983'
WHERE "id" = 39
@@@
Sep 1 12:20:50 server.company.com ProfileManager[10572] : @@@ Retry #1 of command #2827 due to database transaction failure.... @@@
Sep 1 12:20:50 server.company.com ProfileManager[10572] : >>>DemandCommand.execute: #.extend_task(PushSettings,39,devices)
Sep 1 12:20:50 server.company.com ProfileManager[10572] : ** has_many_polymorphs: Warning; not all usage scenarios for polymorphic scopes are supported yet.
Sep 1 12:20:50 server.company.com ProfileManager[10572] : Task.create_task: changed_profiles=[""], count=1
Sep 1 12:20:50 server.company.com ProfileManager[10572] : ProfileCache.update: cache=#, updated_at = 2012-08-31 03:36:00 UTC
Sep 1 12:20:50 server.company.com ProfileManager[10572] : Task.create_task: Created task #8719 'UpdateInformation' (prio:50) for
To me... the server database looks like its having trouble inserting/updating this particular devices row due to a prior failed transaction... I don't know how to clear this out. Restarted Profile Manager, server, and client.
Any ideas?