HT201063: Resolve issues with Profile Manager in macOS Server

Learn about Resolve issues with Profile Manager in macOS Server
Cerniuk

Q: How to fix Server 500 error when enrolling mobile devices?

When I attempt to enroll a mobile device with a valid user account, OpenDirectory, Web, Profile Manger all turned on, I get a server 500 error.

 

Guessing this below means "reinstall again":

 

    ############################################################################### ################################################################################ #################

1:: [2853] [2016/05/03 15:54:14.645] <172.58.184.8> >>> Processing POST mdm_enroll

1:: [2853] [2016/05/03 15:54:14.718] <172.58.184.8> iOS version 9.3.1

1:: [2853] [2016/05/03 15:54:14.839] \033[1;7;31mEXCEPTION:\033[0;31m  Error <-[SCEPHelper getSCEPChallengeForHost:] (/Library/Caches/com.apple.xbs/Sources/RemoteDeviceManagement/RemoteDeviceManag ement-894.33/Compiled/Framework-Base/Support/SCEPHelper.m:89): "'((SCEPHELPER_GetSCEPChallenge(self.connection, hostname, hostnameCnt, &challenge, &challengeCnt)))' error 1">

    USERINFO: {

        NSLocalizedDescription = "Operation not permitted";

    }\033[0m\033[0m

0:: [2853] [2016/05/03 15:54:14.840] do_dmx_get_scep_challenge_for_host: caught exception -[SCEPHelper getSCEPChallengeForHost:] (/Library/Caches/com.apple.xbs/Sources/RemoteDeviceManagement/RemoteDeviceManag ement-894.33/Compiled/Framework-Base/Support/SCEPHelper.m:89): "'((SCEPHELPER_GetSCEPChallenge(self.connection, hostname, hostnameCnt, &challenge, &challengeCnt)))' error 1"

0:: [2853] [2016/05/03 15:54:14.840] <172.58.184.8> EXCEPTION: 500 Internal Server Error - Could not retrieve SCEP challenge. at

    #0 /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/php/ot a_service_common.php(47): DieInternalError('Could not retri...')

    #1 /Applications/Server.app/Contents/ServerRoot/usr/share/devicemgr/backend/php/md m_enroll.php(78): GenerateMDMBindingProfile(8191, '35B974F6-5878-4...')

    #2 {main}

1:: [2853] [2016/05/03 15:54:14.841] <172.58.184.8> <<< Sent Final Output (26 bytes) - POST mdm_enroll

0:: [2853] [2016/05/03 15:54:14.841] <172.58.184.8> Completed in 227ms | 500 Internal Server Error  [https://nacreous.vamobile.us/devicemanagement/mdm/mdm_enroll]

 

A search for EXCEPTION: 500 Internal Server Error - Could not retrieve SCEP challenge seems to show it is not a new problem...

 

Have you seen before? Fixed somehow? Tried deleting certs, recreating OD,

Posted on May 3, 2016 2:47 PM