Chapter 6: Troubleshooting
This section lists the common issues and the steps to resolve them.
Common issues that you may encounter after the configuration is done:
● Certificate fails to enroll.
● Connection to the secure SSID fails.
● Error messages are displayed:
○ Device Creation Failed in the SecureW2 Management Portal > Device Onboarding
> Events or
○ SCEP enrollment failed in the Intune portal.
To resolve them:
● Check if the attributes have values and are mapped correctly. For more information, see:
Creating an Intermediate CA for Intune SCEP Gateway Integratio n .
● Make sure that the SCEP profile (in the Intune Portal) is configured to send values in the
SAN attribute using Email address (RFC822) . The common attributes configured are
DeviceName and AAD_Device_ID. For more information, see: Creating an Intermediate CA
for Intune SCEP Gateway Integratio n .
● Confirm if the User Role Policy is mapped to the Intune API Token as identity Provider and
similarly ensure that Enrollment Policy is mapped to the Role and default Device Role. For
more information, see: Configuring a Role Policy .
● Ensure that the SCEP profile is configured accurately.For more information, see: Creating
an Intermediate CA for Intune SCEP Gateway Integratio n .
● Check if the Trusted Root CA of the RADIUS server certificate is mapped in the Wi-Fi
profile. For more information, see: Creating a Wi-Fi Profile .
● Remove the SCEP profile and push any other profile, like the Trusted Root CA profile, to
confirm if the user is successful with the configuration. For more information, see:
Exporting Trusted RADIUS Server Root CA Certificate .
Possible issues in Microsoft Intune:
● SCEP enrollment failed. For more information, see:
https://docs.microsoft.com/en-gb/troubleshoot/mem/intune/troubleshoot-device-enrollm
ent-in-intune
● Users not assigned to the application in Azure. For more information, see:
https://docs.microsoft.com/en-us/mem/intune/fundamentals/users-add