Hi All,
I am running into an issue with NDES / SCCM Intune Certificate Provisioning.
My iOS device can successfully receive the Root CA payload, and the Wireless Profile. However, the SCEP certificate is not being issued to the device.
When I look in the logs on the NDES server (NDES.log), i see the following lines
<![LOG[Failed to retrieve client certificate. Error -2147467259]LOG]!><time="20:48:44.215+00" date="08-17-2015" component="NDESPlugin" context="" type="3" thread="4064" file="httprequest.cpp:240"><![LOG[Exiting VerifyRequest with 0x80004005]LOG]!><time="20:48:44.215+00" date="08-17-2015" component="NDESPlugin" context="" type="1" thread="4064" file="ndesplugin.cpp:874">
The NDES server is able to communicate with the CA, and the client is able to successfully hit the external DNS name of the NDES server on port 443.
The whole process seems to be working just fine except for the SCEP cert generation to the client.
I have verified that the CRP on the SCCM server logs are clean and all show expected results.
The NDES user is a local admin on the NDES server and I have verified that the Application Pool identity references the NDES user.
Any idea what is going on here?
TIA!