We have our Microsoft devices connecting properly via SCEP as of today. Packetfence is able to handle requests going to /scep/<template>/pkiclient.exe and resolve that URL properly. The issue we were running into is using an improper client CA cert for our SCEP template (we used a cert that was manually issued via the SCEP template, NOT the actual CA issuing SCEP requests)
On Tue, Aug 13, 2024 at 2:30 AM James Andrewartha via PacketFence-users < packetfence-users@lists.sourceforge.net> wrote: > On 8/8/24 02:29, JUSTIN BISHOP via PacketFence-users wrote: > > Hey packetfence users~ > > I'm having an issue getting the InTune SCEP profile to negotiate with > > our Packetfence PKI. > > > > I have set up the cloud connector in Entra/Azure, InTune config profile, > > and everything else included in the install guide. > > > > On our Windows 10 clients, I see event errors appearing in the > > "DeviceManagement-Enterprise-Diagnostic-Provider" event log with eventID > > 307: > > > > Scep Failed to initialize SCEP enrollment with NDES Server > > "Http://<FQDN>/scep/OurTemplate/_pkiclient.exe_" > > This is pointing to an .exe file on our packetfence server? That > > doesn't seem right. > > > > In our InTune SCEP profile, the SCEP url is http:// > <FQDN>/scep/OurTemplate > > > > Anyone got a fix for this? > > What's in your packetfence logs? .exe in the URL of the Packetfence > server is expected. > > Personally I would recommend using SCEPman running in the free (F1) > Azure App Service tier if that's possible for you, over the Packetfence > Intune integration as it's more feature complete. > > -- > James Andrewartha > Network & Projects Engineer > Christ Church Grammar School > Claremont, Western Australia > Ph. (08) 9442 1757 > Mob. 0424 160 877 > > > > _______________________________________________ > PacketFence-users mailing list > PacketFence-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/packetfence-users >
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
