Profile Manager Active Tasks Status stays on Pending

Similar Messages

• Profile Manager Active Tasks never complete, are always pending

  I'm using OS X Server 3.2.2 on OS X 10.9.5. I'm attempting to push changes to a device or device group (iMacs in this case), but the task status is always pending and the task never completes. However, when I manually download the Enrollment Profile on a client machine, it will contact the server and grab the device and device group profiles during the initial enrollment. We're not blocking any ports and the server and client are both on the same VLAN and subnet. I'm stumped as to why I'm seemingly only able to communicate to the server from a client and not the other way around. I appreciate any help and suggestions. Thanks.

  Hi dankgus, I was reading this article which explains how the mechanics of this work.
  http://www.justinrummel.com/how-apns-works-with-mdms-that-manage-osx-and-ios/
  I then thought about your firewall comment, when I configured my firewall to work with my Mac MDM I used this Apple KBA ------> http://support.apple.com/kb/ht5302 however I did not open TCP:443 for security reasons. I actually thought this was just for device enrollment and management however it looks like the iOS device might actually require it to function properly. I opened the port and ran a device update which worked. I think it worked ok initially because internally users can get to the MDM over TCP:443 through our split DNS and as soon as they took their iOS devices out of the reach of our corp WIFI it stopped working. I will observe the results and report back and of course I welcome comments.

• Profile Manager Active Tasks

  Hey guys,
  Whenever we log into our Profile Manager, there's also a ton of active tasks running.  I just checked now, and there are 40 tasks currently active.  These are tasks we haven't initiated on our end, and for the majority, it's removing settings from our laptops.  Sometimes, we'll just watch the active tasks list for a few minutes and within that period more and more tasks will get added that neither myself nor the other Mac tech has initiated.
  Have you all heard anything like this before, and if there's a possible solution/reason?
  Thanks!
  Aaron Campbell
  Tech II | Putnam City Schools

  I found since profile manager is pulling over ad users I can search individual users and they are set by default to push settings does anyone know how to change this?

• Profile Manager - Activity Tasks - Unknown Target

  Hardware Details
  Product - Mac mini Server (Late 2012)
  Processor - 2.3 GHz Intel Core i7
  Memory - 4 GB 1600 MHz DDR3
  OS - OS X Yosemite 10.10.2 (14C1510)
  OS X Server Application Details
  Version - 4.0.3 (14S350)
  I am configuring the Profile Manager for Users. I have created Restrictions in the Settings tab for Users for one of the Users. After saving my Restrictions, the profile manager pushes it to devices and for some reason it will not push and the status is shown as Pending, because the device is Unknown.
  How do I retrieve the unknown device and remove it from my PM as it is causing hassle every time I try to push the settings to the User.
  [Attached image for clarification]

  Did you setup DNS correctly?
  Profilemanager relies heavily on a Fully Qualified Domain Name FQDN, so only using macserver.local might cause this issue.
  Is the computer who is @unknown getting it's DNS information from the macserver as well or another DHCP server? And does that DHCP server point to the macserver, enrollment needs a valid DNS setup to work properly.
  Is port forwarding enabled for profile manager? Can you tell us more about your setup?
  Goodluck
  Jeffrey

• 10.9 Profile Manager Active Directory Advanced Options

  Hey guys!
  I've been working with Profile Manager in Mavericks Server and so far, I'm pretty excited with the improvments in functionality that have been made. I'm still using WGM and MCX settings for my 10.6 - 10.8 users but would like to move to Profiles for 10.9 and iOS 7. However I have a single road block in my way and it's in reference to this article:
  http://support.apple.com/kb/HT5981
  I am able to use the "Directory" payload to bind to AD cleanly and everything works. However, I need to access some of these Advanced Options referenced in the KB article.
  The first set of instructions about creating the .mobileconfig, downloading it, and then editing it works prefectly. However, I would then have to manually distribute the .mobileconfig instead of being able to push it. If I eventually wanted to modify it (such as add an ADDomainAdminGroupList later on) I would again have to manually distribute the .mobileconfig.
  The second set of instructions in the KB article reference (with a "by the way" attitude...) stating that these settings can be added in the Custom Settings Payload. I have been unable to get this to work in any fashion. I'm unsure if the Directory Payload still has to be configured, or if it needs a dedicated UUID, or if it needs the entire AD configuration, etc...
  Anyone been able to successfully set this up? I can provide my mobileconfigs upon request if that will help.
  Thanks!
  Nick.

  Hello Nick,
  I wouldn't be as sure as GeneMCX about the custom settings section. I actually was able to create a payload for the Finder and then override some of the settings by uploading the following file under the custom settings section:
  <?xml version="1.0" encoding="UTF-8"?>
  <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
  <plist version="1.0">
    <dict>
      <key>ShowHardDrivesOnDesktop</key>
      <true/>
      <key>ShowExternalHardDrivesOnDesktop</key>
      <false/>
      <key>ShowRemovableMediaOnDesktop</key>
      <false/>
      <key>ShowMountedServersOnDesktop</key>
      <false/>
    </dict>
  </plist>
  Important: the file was named com.apple.finder.plist in order to populated the "Preference Domain" correctly (com.apple.finder in this case).
  In this particular case, I let the client download the profile using the mydevice portal. Not sure if things would have worked properly if the configuration had been pushed to him.
  Bottom line is: in at least one case, custom settings do allow to tweak a payload configuration. But not always. I am still unable to do a similar thing with mail accounts. I have no idea whereas Active Directory Advanced Options fall in the first category or in the second one.
  You could probably make tests using a "simpler" service than AD... like Finder by example. Just get used to all this. One useful command on the client side is "profiles". You can have a look here: http://krypted.com/tag/profile-manager/
  I hope this helps. Good luck!

• Mac Mini Profile Manager installing/updating ipad Apps - HELP!

  Hi,
  i am hoping someone might be able to help with the following.
  we have a mac mini server to remote manage 25 ipads using profile manager.
  this works well as we can lock, wipe and clear passcodes etc.and attach the policies without any trouble.
  However we are trying to push out an app (version 1.4) to the devices and this is sort of working but not fully.
  if the app is already installed with version 1.3 it doesnt update even though in profile manager, 'active tasks' it says successful.
  if you go go into profile manager and select the device and select 'update info' this registers against the device but still shows as the old version.
  if we delete the app from our test ipad and push it out via profile manager it goes in active tasks as successful then the ipad has a pop up message box saying the xxxxxx.ourdomain.co.uk would like to install the app, once this has been ok'd it  installs on the ipad ok, but when you select the app it tries to open then goes back to the screen again and never opens the app.
  if you download the app direct from itunes it opens with out any trouble.
  here is the process i am using.
  on the mac mini server.
  download the app via itunes
  then in apps i drag the app on to the desktop, this creates the .ipa file
  in profile manager, select the device, edit apps and browse to the .ipa and upload
  select the uploaded app and 'add'
  when you save this, then go to active tasks it gets pushed out to the device and reports as successful
  then the app either doesnt update if old version is installed or installs if no app is installed but doesnt open
  any help welcome
  regards
  Gavin

  Gavin,
  We've run into the same issue that you mentioned. My understanding of the Push App functionality of Profile Manager is this:
  Pushing apps is designed to be used to deliver In-House developed apps over the air (OTA). Meaning, if your organization develops an app for use on its own devices, you can upload the .ipa to Profile Manager and push it out while bypassing any App Store interaction. The In-House .ipa would contain its own provisioning profile that would dictate who is allowed to run it.
  When you download an app from the App Store, the .ipa that you get actually contains the AppleID that was used to purchase/download the app in the .plist. If you then push that app to a device that has never been used with that AppleID, the app will fail to launch as it cannot verify that you actually own the app.
  Before we go any further: what I'm about to discuss isn't officially condoned or supported by Apple, which means it is inheritly risky and could be patched over at any time.
  In order to bypass the issue, what has worked for us is to sign into the App Store on each iPad with the AppleID that is used to purchase the apps on your Mac Mini. You need to download at least one app to the iPad while logged in with that AppleID in order for the iPad to retain the AppleID after the iPad users log in again with their personal AppleID. After you have done that, users may once again log in with their own AppleID.
  At this point, you can push an app to any of those devices that have been paired with your Mac Mini's AppleID at least once. The apps won't (immediately) crash.
  Here's the catch: I'm told that the .ipa contains an "expiration date" of sorts. Once that date has elapsed, your iPad will attempt to extend the expiration date by connecting to the App Store to verify that the same AppleID that was used to download the app in the first place is still active on the device. If it is not, the app may once again crash when you attempt to run it. Now, this expiration date or timer is not disclosed, meaning, if this is really the case, you will have no idea when the apps will stop working. It could be weeks, or months, or years. A gamble, really. So, use that at your own risk.
  Currently, there is no official method for pushing App Store apps Over-the-air with Profile Manager or any other Mobile Device Management platform.
  Remember!: If you are even considering pushing apps in the manner mentioned above, you will still need to account for licensing. As an organization, you must have purchased the same number of copies of an app as you intend to install on your devices. This is a non-issue with free apps, but for auditing purposes, you'd best look into VPP or steer clear of pushing apps altogether.
  I hope some of that helped clear up your question.
  Good luck!

• Safari Keep-Alive via Profile Manager

  Greetings Community!
  Does anybody know of a way to issue a keep-alive to Safari via profile manager so it always stays open and that if it somehow closes it will automatically re-open?

  Worked it out!
  I also host a couple of personal websites and these were configured to use the IP of the server; removed this and set it to use the "Any" option and profile manager started working as expected. Not done a full test of the entire thing to see if anything else is broken but this has me moving on from here!

• IOS 8.1.1 devices "pending" after enrollment in Profile Manager

  Setup:
  OS X Yosemite with server 4.0
  After installing the trust certificate and enrolling an iOS 8.1.1 client, I can see the specific device in Profile Manager. However the status of the device stays "Pending". It seems that the enrollment proces can't proceed.
  When I enroll a device with iOS 7.1.1 there are no issues. Everything works fine!
  Any suggestions?
  Thx

  The devices had been running ios 8.1 for a number of days.
  We've had two more do this since my last post.  In each occasion, the devices are running iOS 8.1, have been turned off and turned back on again to boot to the Apple logo and remain there indefinitely.
  Hard resets don't solve the issue, the only remedy is a full restore via iTunes resulting in complete data loss.
  Surely others are seeing this issue if we've had 6-7 devices in the past few days?
  iOS 8.1 + reboot = brick?

• Pending Pushed App in Profile Manager

  Hello,
  I have been working in Profile Manager to push both ios and ox applications to mac laptops and to iPads. Right now, everything is pushing beautifully to the iPads, however under Active Tasks the applications just get stuck pending to the mac computers.
  Any solutions?
  Thanks!
  Message was edited by: fkravtbc

  So, this issue has been sovled. When installing OSX Server 10.9 the device manger database was replaced with a database named.
  devicemgr_v2m0
  I am not sure if this is the same name for all upgrades/new installs or diffrent based on the upgrade path.
  Tim

• Profile Manager Device Pending

  Hello. I am new to OS X Server and have come up against a problem with profile manager. I can enroll devices into profile manager but when I try and do anything (e.g. move them into a device group or update info) the task sits in active tasks as pending.
  I am not sure where to even start debugging this. I am running OS X Server 3.1.2 and OS X 10.9.4.
  Any help would be great.
  Richard

  We could solve this by opening the firewall for some ports (443, 1640, 2195, 2196, 5223, ) and ip addresses (17.0.0.0/8). Have a look at
  OS X Server: Ports used by Profile Manager
  Start Profile Manager

• Tasks locked under Profile Manager

  Hi everybody,
  I configured a mac mini server with OS X Server 3 to use MDM for my organization. We have about 70 iPads to manage and I want to push Free Apps, Exchange settings, etc.
  Following the setup assitant, I try to add a new iPad by connecting to my mdm/mydevices. I can add my organisation profiles but when I go to the profile manager to see if everything is OK, I have an active task, corresponding to my new iPad. This task has no target and stay active, without completing.
  I can't see anything interesting in log files (or maybe I don't know where to find interesting data ?)
  Thanks in advance for your help !

  Also, when I  sign into the users portal, the only device shown is this MAC which is my server and I do not want the users to enroll and be able to wipe the server.  How can I stop the MAC server from being on the My Device list for the Users.

• Neither Firefox nor the profile manager will start. In my task manager, the process is using 50% of my cpu but does nothing. I love browsing with firefox, how can I fix this?

  I've tried restarting my computer, the I tried uninstalling and reinstalling, then uninstalling, erasing all firefox files and folders, then restarting and reinstalling. I've also tried opening the profile manager to change my profile. After reinstalling a few times and trying to open the profile manager before launching firef0x, I got the firefox has crashed window and the process in the task manager is still using 50% of my cpu. The most recent expunge then re-download pops up a "file is corrupt" error and won't even install the program.

  Kill those processes that you are seeing, including any plugincontainer.exe, only once firefox has stopped running should you try to update it.
  Totally unexpected instances of firefox running may sometimes be the result of malware activity.

• Unable to see views Active Alerts, Discovered Inventory, Distributed Applicatios, Task Status, Unix/Linux Computers, Windows Computer under Monitoring workspace after upgrading to UR6

  Hi All,
  Recently I upgraded SCOM 2012 SP1 CU5 to CU6 and facing following issue:
  1. New menu item got grayed out that appears upon the right click on Monitoring node(root) under monitoring workspace.
  2.  When we click Monitoring in the navigation pane, the Monitoring Overview opens, which displays a summary of health states and alerts. if we click any of the numbers in the overview, it is supposed to open a state view of the selected category but
  this function does not work now.
  3. Views like Active Alerts, Discovered Inventory, Distributed Applications, Task Status, Unix/Linux Computers and Windows Computer do not appear under Monitoring workspace after upgrading to UR6.
  Has anyone out there facing such kind of issue? Any help on fixing these issues would be appreciating.  Thanks in advance.

  Hi,
  Have you re-opened the operation manager console?
  There are some known issues when intalling UR6, please go through it:
  http://support.microsoft.com/kb/2929885
  In addition, there is CU7 for SCOM sp1, why not installing the newest one:
  http://support.microsoft.com/kb/2965420
  Regards,
  Yan Li
  Regards, Yan Li

• Error in solution manager; no active task list exists in sap change manager

  Hi,
  i have created a correction in Solution manager but when i want to set it in status in development i receive the message below
  No active task list exists in SAP Change Manager
  could you please help me?
  thanks
  C.

  cmarrone wrote:Hi,
  This says taht your ChaRM configuration is not complete. You need to rectify these errors to work in ChaRM.
  >
  > listed below the detail of the errors:
  > Error in background job for program RSGET_SMSY error message No active job found
  1. Please activate the Landscape fetch job for RSGET_SMSY from SPROSolution ManagerBasic Settings-- Schedule Bgd jobs.
  > No RFC connection for system CIA client '000'
  Please maintain a connection from solution manager to the transport domain system . I belive this is CIA.
  > No CTS projects found for project ARC_AM_001
  Recheck the transport configurations.
  Rajeev

• Object Manager component tasks in Cleaning Up status

  Hi Gurus,
  In our Siebel 8.0 environment (Solaris), we have observed UCM Object Manager component crash due to a memory leak problem.
  Being this component is a Object Manager we were unable to login to the application using thin client.
  So we have re started the component through command prompt using shutdown and startup commands.
  The component is up and running now. We are able to open the application in thin client.
  But when I query for the active tasks of UCMObjMgr_enu component , the new tasks are visible in "Waiting for Command" status. But I could see the old tasks in "Cleaning Up" status.
  How to remove these old tasks.
  The important point to be observed here is, the task (queried using Taks ID) is no more running. Used ps -ef command to view the tasks.
  Please suggest me on this.
  Regards
  Vamshi

  Hi Gurus,
  In our Siebel 8.0 environment (Solaris), we have observed UCM Object Manager component crash due to a memory leak problem.
  Being this component is a Object Manager we were unable to login to the application using thin client.
  So we have re started the component through command prompt using shutdown and startup commands.
  The component is up and running now. We are able to open the application in thin client.
  But when I query for the active tasks of UCMObjMgr_enu component , the new tasks are visible in "Waiting for Command" status. But I could see the old tasks in "Cleaning Up" status.
  How to remove these old tasks.
  The important point to be observed here is, the task (queried using Taks ID) is no more running. Used ps -ef command to view the tasks.
  Please suggest me on this.
  Regards
  Vamshi