MDM注册:无法接收或解析证书注册响应。 [英] MDM Enroll: Failed to receive or parse certificate enroll response.
问题描述
我正在开发一个mdm服务器来使用oma-dm协议。 我目前无法通过安全令牌响应注册Windows 10。 反正有没有详细记录我的安全令牌
响应失败的原因? 我只能看到事件查看器中的以下错误,MDM注册:无法接收或解析证书注册响应。 非常感谢任何帮助。
I am working on developing an mdm server to work with the oma-dm protocol. I am currently not able to make it past the step of enrolling windows 10 with the security token response. Is there anyway to get a detailed log of why my security token response is failing? All I can see is the following error inside the event viewer, MDM Enroll: Failed to receive or parse certificate enroll response. Any help would be greatly appreciated.
这是我的安全令牌回复:
This is my security token response :
<?xml version="1.0" ?>
<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<Action s:mustUnderstand="1">http://schemas.microsoft.com/windows/pki/2009/01/enrollment/RSTRC/wstep</Action>
<a:RelatesTo>urn:uuid:0d5a1441-5891-453b-becf-a2e5f6ea3749</a:RelatesTo>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2018-06-08T10:23:55.125153</u:Created>
<u:Expires>2018-06-13T10:23:55.125169</u:Expires>
</u:Timestamp>
</o:Security>
</s:Header>
<s:Body>
<RequestSecurityTokenResponseCollection xmlns="http://schemas.microsoft.com/windows/pki/2009/01/enrollment">
<RequestSecurityTokenResponse>
<TokenType>http://schemas.microsoft.com/5.0.0.0/ConfigurationManager/Enrollment/DeviceEnrollmentToken</TokenType>
<DispositionMessage/>
<RequestedSecurityToken>
<BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd#base64binary" ValueType="http://schemas.microsoft.com/5.0.0.0/ConfigurationManager/Enrollment/DeviceEnrollmentProvisionDoc" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
#编码#
< /&的BinarySecurityToken GT;
< / RequestedSecurityToken>
< RequestID xmlns =" http://schemas.microsoft.com/windows/pki/2009/01/enrollment"> 0< / RequestID>
< / RequestSecurityTokenResponse>
< / RequestSecurityTokenResponseCollection>
< / s:Body>
< / s:Envelope>
</BinarySecurityToken> </RequestedSecurityToken> <RequestID xmlns="http://schemas.microsoft.com/windows/pki/2009/01/enrollment">0</RequestID> </RequestSecurityTokenResponse> </RequestSecurityTokenResponseCollection> </s:Body> </s:Envelope>
这是我的wap令牌回复:
This is my wap token response :
<wap-provisioningdoc version="1.1">
<characteristic type="CertificateStore">
<characteristic type="Root">
<characteristic type="System">
<characteristic type="60343C95EEE5FF72049F64C0AE9B6F8DB5CC5DBF">
<parm name="EncodedCertificate"
value="MIIDLjCCAhagAwIBAgIBATANBgkqhkiG9w0BAQsFADAdMRswGQYDVQQDExJTdGVlbCBUYWxvbiBNRE0gQ0EwHhcNMTcxMTE2MjIzODM2WhcNMTgxMTE2MjIzODM2WjAdMRswGQYDVQQDExJTdGVlbCBUYWxvbiBNRE0gQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCu8qzdCArpAFqoKXQY3iQCH9hC9mqxb3ZSk46xXiJzU7JsQ7O8KDyTpZRWA80VPyiFAXKOFwNaODnmGl3ZLvLhkBMJrL3jZtN5Kb1BcKOtOnw7/ALRcvleSpqm2+O3bsnVV2U7v3l3z0cyIcIF5SoPGemDtLM/ZP38Xgj4PuIp0vQoSlEd2c+C3kUJocpJdVyeHdjOwjgeO+XHXkkDdgiAa3za/WMphIWA5AD6NvtyERoas+OZHSAdP+iwY061UquTwdzzkTOloEYhFZb3jCFBzb1G+8oNUcf5p2lbB99kaVVPfIWTfOzWpzjS2ke1jcLv5AY5rp13Md1Eiw44qiwZAgMBAAGjeTB3MB0GA1UdDgQWBBRpO6JX6ZSEj5bR2b9UtQP+Aoos2jBFBgNVHSMEPjA8gBRpO6JX6ZSEj5bR2b9UtQP+Aoos2qEhpB8wHTEbMBkGA1UEAxMSU3RlZWwgVGFsb24gTURNIENBggEBMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAwqw6gAL47DfKNKeMkECm45xazx4Z9RN6GRTacPlJhEZt9utQ+1IrwdQCudbFeQEbDSUeuO6TLFb5i8t8DhQmEQR8HcWwfgYvW2FX+qa9Xy6tiInqMwQKfZro+XIwrruer09OTp6ZKGxR5DkY2y5cK5rF/kIoUKn1Vxt9qjh/fVdSxhiKqscgmUqjX6InlyGyekmEGqVGTS4rmm+IUqLm8HcS0GG/6fosYML/fieQRFwo6fSwaug89xxH3cOJ6vUuyZwoxgxfnaK0Q9NlDndOiWDwcFE7Ys4fU/pCzovOPlj3UBTKL5yaYnIoffTZi1rS5GoB2KasfmPGtBIGp93CA="/>
</characteristic>
</characteristic>
</characteristic>
</characteristic>
<characteristic type="CertificateStore">
<characteristic type="My">
<characteristic type="User">
<characteristic type="C0909B78700EBDA4C02A56209F53344B5FBAF6F6">
<parm name="EncodedCertificate"
value="MIIC2jCCAcKgAwIBAQIBAjANBgkqhkiG9w0BAQUFADAaMRgwFgYDVQQDDA8qLnNhZmVraWRkby5jb20wHhcNMTgwNjA4MTcyMzU1WhcNMTgwNjEzMTcyMzU1WjAdMRswGQYDVQQDDBJTdGVlbCBUYWxvbiBNRE0gQ0EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQC11ET9GCvLIM5iFWjZ4N6r9u+X4iwbJk85apLdihpTpgTbympO+mkMhv/qw55EDh7muz6CC7jGF2TMmNnErITzswrsU1j4zERFN+mnXa+FS+3rE1hObg5isNszN7q9Xp6UBjsJxYUgX+/Er2OfiYj8Tse8gksP9T1XAwqJGrfv/qscrGzJeiVCRDuK8zJFR5iWOca8XxUsKyi2Jl9Fszx6MBSJN5mgpWvOaeoeczUhClwxxXUJJcyoNWn1DtPQ+zkKbGs0UxgnlzsjA1nn174jrOoaq91I4g7973rAEyoCvLr7VqLZumNkE5BFe8Yd/OJ87FaMc0TZVTNBA8doTjV9AgMBAAGjKDAmMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMCMAwGA1UdEwEB/wQCMAAwDQYJKoZIhvcNAQEFBQADggEBAK7qJzy5udJMQnr8z1lXrcJGTl9ESsPGzFFC1QG3AE8RpF34rTPSMVkBVnE4ljtvprEZ6EHbBvhPYPwaw7Me+2lIacXyvgKTagbdwOyVzScsO2e70M2T/p8TkK1u5ctmJZRnw+PQh+cROgMj8xZ3DF1CzUjvpLHKi8CXlRiTWGQflmo96DG5fTTVxIr+XobYkFl6MvWaG7wOFwqMffH2OKke6pohSuDFPmPEQyTwEPpgxiViVcgUSTtyAjWTf0oLDv4glX5BRtPQBL5jLyBISUzdD7RTA+phxblHp2rDMoalXg+IrjgU38Z6e59jPXaKwQpa0m5OkkLJa7I6Hb+kB/k="/>
<characteristic type="PrivateKeyContainer"/>
</characteristic>
</characteristic>
<characteristic type="WSTEP">
<characteristic type="Renew">
<parm datatype="boolean" name="ROBOSupport" value="true"/>
<parm datatype="integer" name="RenewPeriod" value="4"/>
<parm datatype="integer" name="RetryInterval" value="1"/>
</characteristic>
</characteristic>
</characteristic>
</characteristic>
<characteristic type="APPLICATION">
<parm name="APPID" value="w7"/>
<parm name="PROVIDER-ID" value="MDMServer"/>
<parm name="NAME" value="MDM"/>
<parm name="ADDR" value="http://localhost/omadm/rs/syncml"/>
<parm name="CONNRETRYFREQ" value="6"/>
<parm name="INITIALBACKOFFTIME" value="30000"/>
<parm name="MAXBACKOFFTIME" value="120000"/>
<parm name="BACKCOMPATRETRYDISABLED"/>
<parm name="DEFAULTENCODING" value="application/vnd.syncml.dm+wbxml"/>
<parm name="SSLCLIENTCERTSEARCHCRITERIA" value="Subject=MDM%20CA;Stores=My%5CUser"/>
<characteristic type="APPAUTH">
<parm name="AAUTHLEVEL" value="CLIENT"/>
<parm name="AAUTHTYPE" value="DIGEST"/>
<parm name="AAUTHSECRET" value="dummy"/>
<parm name="AAUTHDATA" value="dummy"/>
</characteristic>
<characteristic type="APPAUTH">
<parm name="AAUTHLEVEL" value="APPSRV"/>
<parm name="AAUTHNAME" value="123456789"/>
<parm name="AAUTHSECRET" value="dummy"/>
</characteristic>
</characteristic>
<characteristic type="DMClient">
<characteristic type="Provider">
<characteristic type="MDMServer">
<characteristic type="Poll">
<parm datatype="integer" name="NumberOfFirstRetries" value="8"/>
<parm datatype="integer" name="IntervalForFirstSetOfRetries" value="15"/>
<parm datatype="integer" name="NumberOfSecondRetries" value="5"/>
<parm datatype="integer" name="IntervalForSecondSetOfRetries" value="3"/>
<parm datatype="integer" name="NumberOfRemainingScheduledRetries" value="0"/>
<parm datatype="integer" name="IntervalForRemainingScheduledRetries" value="1560"/>
<parm datatype="integer" name="IntervalForRemainingScheduledRetries" value="1560"/>
<parm datatype="boolean" name="PollOnLogin" value="true"/>
</characteristic>
<parm datatype="string" name="EntDeviceName" value="Administrator_Windows"/>
</characteristic>
</characteristic>
</characteristic>
</wap-provisioningdoc>
推荐答案
Hello weys,
Hello weys,
感谢您的提问。我们的一名协议工程师将为您提供帮助。
Thank you for your question. One of our Protocols engineers will assist you.
谢谢,
这篇关于MDM注册:无法接收或解析证书注册响应。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
