Mac OS X 10.14.4 - Server 5.8
I am trying to add devices to the server to manage them, the server is set up, the certificates as well, the Trust profile and the enrollment profiles are set, but when i try to Enroll a device - either macOS or iOS, I get errors about the device not able to communicate with the server.
on iOS:
First error: Profile Failed to Install
Second error, if I retry: the SCEP server returned an invalid response
for Mac OS Error: Profile installation failed. An SSL error has occurred and a secure connection to the server could not be made Funnily enough for those devices, they actually appear in the list of devices on the profile manager with the serial number but they have a "forbidden" sign on the side and cannot apply any policy to them.
Note: I run a network with multiple VLANs managed by a pfsense firewall array and tried to monitor the traffic but couldn't see any dropped packages, although I'm not very experienced with it.
my main original issue is to disable the ability for people from writing to USB devices ports on a set of MAC computers I have in my network
I already tried to do this via disabling the extensions but this is not working https://stackoverflow.com/questions/30347908/mac-os-x-10-10-yosemite-disable-usb-ports
p.s. I also saw Disk Arbitrator but wouldn't be sauitable https://github.com/aburgh/Disk-Arbitrator
Advices, tips, anything is welcome as i'm getting quite impatient with this. Thanks!