XenMobile: MAM-Only with CBA Issue on enrollment

Certificate Based Authentication Xenmobile

When you configure CBA (Certificate Based Authentication), you can receive the following error:

“The configuration does not support client certificate authentication. Contact your helpdesk for additional information” when enrolling iOS devices.

Here after the solution:

 

Symptoms or Error

Android devices are able to enroll but iOS devices tested with the same users fail with the above error after authenticating

Solution

Remove the “Shared device enroller” RBAC permission for any user group within the RBAC group

Note: This permission should not be enabled for Certificate based authentication configured environments


Problem Cause

“Shared devices enroller” RBAC permission was configured for users
Note: My test has been done with MAM-Only Mode for XMS, for the same customer I have the RBAC configured on another environment MDM+MAM and CBA and no issue appear, so I suppose that this issue is for MAM-Only Mode