Troubleshoot Enrollment Issues via Self Service Portal
Overview
When a user is successfully logged in into the Self Service Portal and he wants to start the enrollment, it might be that one of the following information is shown to the users.
- You are not authorized to access this system, please contact the system administrator to be added as an approved Smartphone or Tablet device user.
- This user has already a pending enrollment request
Cause Option 1: Missing E-mail attribute
The problem occurs typically by a missing E-Mail attribute in the Active Directory Object. Open the user object and look into General page and check if the E-Mail Field is filled out. When there isn't anything entered, the message from above is coming up.
Cause Option 2: Multiple Pending Enrollments
Login to your Silverback Management Console as an Administrator and navigate to Admin > Self Service Portal > One Time Passwords and review the option Allow Multiple Pending Enrollments. If it is disabled, navigate to Devices > Pending and validate if the user has already a pending enrollment. Press delete to remove the existing pending enrollment for the user.
Cause Option 3: Faulty LDAP Configuration
If you see the following message during enrollment process you need to check the LDAP Settings for Email field in Websettings and compare this value in from Active Directory. In your Active Directory open the User Object and navigate to Attribute Editor and review the values set into your LDAP configuration. Additionally review your LDAP Filter that it looks similar to this: (&(objectClass=user)(userPrincipalName={0}))
Learn how to enable the Attribute Editor
Cause Option 4: Other Reasons
- Review if your Cloud Connectors are present under Admin > Cloud Connectors
- Review your application pool in IIS, probably is has stopped
- Recheck the connectivity to your Domain Controller
- If you have a load balanced server, one of the cloud connectors could be faulty