User profile for user: mg7819
mg7819 Author
User level: Level 1
0 points

Yosemite Server Profile installation failed

I've been wrestling with this one for weeks now. I hope the Apple support community can help. I have a OS X 10.10.2 server running Server 4 and five OS X Lion clients. I have not been able to enroll the Lion iMacs into Profile Manager's Device Manager yet. After I install the trust profile, I get the following error:


The profile “Remote Management (com.apple.config.macserver01.mgisd.net.mdm)” could not be installed due to an unexpected error.


I've used the script for Yosemite to uninstall Profile Manager, demoted OD and even trashed Server.app and redownloaded and set up from the App Store. Everywhere I read there seems to be an indication that this problem can be due to the certificate. I'm using the certificate that is created during the profile manager/open directory setup for everything on my server. In the "Secure my server with" area under Certificates in Server, for the secure web server and to sign the profiles in profile manager. Am I missing something, should I have created a self signed one for any, or all, of these locations. Or is there something else going on?


I was able to enroll a Mountain Lion Mac and my MBP which is running Mavericks. So, is there just too big a gap between Lion and Yosemite for profile manager to manage OS X devices?


Thank you so much.

Mac Pro

Posted on Mar 9, 2015 11:41 AM

Reply
9 replies
User profile for user: DYC87
DYC87
User level: Level 1
31 points

Mar 9, 2015 1:20 PM in response to mg7819

Support for 10.7 clients was apparently not supported in Server 3.X (OS 10.9 Mavericks) either. I opened a case a few weeks ago when I was receiving the same error. I have no clue why they are unable to at least tell you this.


My Case #746080092 - Unable to enrol 10.7.5 clients in Profile Manager

Note the broken link below goes to: http://help.apple.com/profilemanager/mac/3.2/#/apd5BD57F16-A2BF-43B9-AB4B-24948F B52C1E

Apologies for the delay.

Yes I did received the profile thank you.

Unfortunately what you are experiencing is expected
behavior, as described on this
page:


[…] Mobile device management is supported on Mac computers
with OS X Mountain Lion v10.8 or later installed, and on iOS devices with iOS 6
or later installed




Also the support reps did not even know this was expected behavior I had to send them log files then bug them 3 days later to get follow up and of course apple has no way to log into their support site and view any open cases I have created like almost every other company I deal with so I need to do email reminders to follow up with these people.

Reply
User profile for user: DYC87
DYC87
User level: Level 1
31 points

Mar 9, 2015 1:43 PM in response to mg7819

I think I made a huge typo in the first line (I already edited the post) should have said not supported in 10.9 server.


You would need to downgrade the server os and server.app all the way to Mountain Lion 10.8 or upgrade your clients to 10.8 but you stated the hardware is at the end of the road for updates already so that is not an option.


We are still running 10.9.5 with Server 3.2.2 and will be at least for the time being. We are still testing Apple Server and finding it subpar in many ways. We may have to end up moving to a more expensive 3rd party application.


Honestly I am really not that happy with Mac Server.app its probably fine if all you want is a basic web server, basic email sans web access, and a self run domain. However if you are a medium or large size company who already has AD, probably already has either Exchange or Lotus Notes, IIS and/or Apache, file shares and home directory's are already setup, there is not much there. The profile manger which is the only part of the software we really wanted is useful-ish as the policy push works fairly well in terms of getting them pushed but you cannot do simple things like disable setup assistant, pushing software, pushing printers and print drivers, so far locking down the control panel is about the best thing we can get working 100%. Even pushing dock icons is not done well as there is no documentation on the difference between a dock item and dock icon, the logs are not tech friendly to read if something goes awry for example pushing an item to be a "startup item" but not having it preinstalled on the machine breaks the policy push to that machine instead of just skipping it and logging the error at informational level or something like AD does.


Top if off with their weak backwards compatibly such as the issue we both saw with 10.7 machines and also for example when 10.10 first came out last year I saw the update an ran it on my server, well it does not warn you this causes server.app to not run at all and give you the "this version of server does not run on this version of OS X." eror message. So go to the app store only to find out at the time server 4.X was not yet available unless you have the beta from Apple Developer Portal. Really they could not warn you about this during the install! Then you look online for the answer and people are just like oh yea its been like that every new version but if your a newb stinks to be you go have fun restoring your box from a backup and that's if server.app decides it likes your backup otherwise complete system wipe. This set me back a couple of weeks in testing.

Reply
User profile for user: mg7819
mg7819 Author
User level: Level 1
0 points

Mar 9, 2015 2:00 PM in response to DYC87

Thanks for the clarification on the 10.9 server NOT WORKING. lol I've noted that and I'll try 10.8 server. I agree that there isn't much that is usable to manage our Macs in Server.app. I too already have home folders and authentication working in AD. The only things I need to do is control what's shown in Finder and change and limit some System Prefs. This was so amazingly simple in the old Workgroup Manager. Thanks, Apple. Which I may try to use in Mavericks before I go all the way down to Mountain Lion server. It supposedly still works in Mavericks server. Best of luck to you. Thanks again.

Reply
User profile for user: mg7819
mg7819 Author
User level: Level 1
0 points

Mar 10, 2015 10:01 AM in response to mg7819

Well, I did a clean install of Mavericks. Downloaded and paid for Server 3. Set up Profile manager and OD again, and guess what? Same error from Lion clients. "Profile Installation Failed" due to an unexpected error. Still can't enroll Lion devices into device manager. I'm just about done here. So, now I've bought two versions of Server for $19.99 each because I didn't think I'd be charged again for the same software title when trying to download it from my app purchase history (Yes to the Horshacks out there going OOH OOH OOH, you're charged each time for Server on a newer version of OS X). So, now, am I to pay another $19.99 to "TRY" Server 2 on Mountain Lion with ANOTHER clean install and reconfig? Come on Apple? Help me out here. DYC87, are you still using Mountain Lion and Server 2 with your Lion clients?

Reply

This thread has been closed by the system or the community team. You may vote for any posts you find helpful, or search the Community for additional answers.

Yosemite Server Profile installation failed

Welcome to Apple Support Community
A forum where Apple customers help each other with their products. Get started with your Apple Account.
Learn more Sign up