0x3e8 (1000) Error – enrolling iOS Devices to ABM and WS1 via Apple Configurator 2

This post was originally published on this site

Hey there,

 

we recently joined the Apple Business Manager, formerly DEP Program.

Since we now want to use all of the functionalities that come with it, we want to enroll existing Devices to it using Apple Configurator 2.

 

What’s the issue?

When we try to enroll devices via Apple Configurator 2 using a pre-configured blueprint, the AC2 throws the error “MCErrorProfileDomain 0x3e8 (1000)“.

If you were to ignore that, the Remote Management Page during the Device’s setup says “invalid profile”, and it takes you back to the WiFi Settings.

The weird part is, the registration, even though it seemingly failed, is active in ABM. By not completing the Preperation process a couple of times, we obviously never truly set up our first device using AC2, but there are now six registrations showing up in ABM for that particular iPad.

 

What have we set up?

We have an up and running ABM connected to our WorkspaceONE Console. New Devices from our suppliers/partners automatically show up here, and we have no problems directly enrolling them to WS1. Everything runs properly. Therefore, we have the “Device Enrollment Program” set up as (we think it’s) required, there is a valid Token, and everything syncs just fine. We’ve got a Profile for it, in which we have selected the following: Require MDM Enrollment: True; Supervision: Enabled; Lock MDM Profile: Enabled; Device Pairing: Enabled; Custom Enrollment: Enabled; Custom Prompt: Disabled; Authentication: fixed to True; Await Configuration: True.

 

Next, we set up our company in the AC2, and exported the Supervision Identity Certificate to the profile in WS1 within “Device Enrollment Program” as mentioned above.

 

Then we exported a Profile from the “Automated Enrollment” page set up as follows: Enable Automated Enrollment: True; Platform: Apple iOS; Staging Mode: None.

We then bundled that to a Blueprint in AC, which we configured using the “Automated Enrollment” option; loading a WiFi-Profile and the exported Profile from WS1 to it; set no Username or Password, and prepared it, which failed.

 

 

Since I’ve basically tried everything,

I dearly hope someonce can provide advice to what we are doing wrong, or what might be the solution to it.

 

Thank you all in advance!

Michael

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.