I do not know the answer to your question but I moved your thread to the specific section of the community.
Seem to be having a similar issue. I dont have any iOS 4 devices to test on but i do know that on iOS 5 devices we are not seeing policies being pushed down to device if they are assigned via mapping to an AD group.
The only way payloads come down is if they are configured in the global "enrollment profile".
I can get the MDM secure cert installed only via the global enrollment configuration. You could try to do it this way.
If i try to install this via a Policy linked to an AD group the cert will not install correctly.
Regardless of how i install the MDM secure cert policies applied to a group will not load on the device.
Not exactly sure as to what you need to do, however I will say that we do have issues sometimes getting the profiles to pull down when registering the device with the Agent. Sometimes we have to reset the agent on the device a few times and then it pulls down.
To address Pacific's post, we have ours tied to the AD groups and it is working fine in terms of payloads and such. The only snafu we run into is having to re-enroll a device from time to time during setup
Hi, i have experienced a similar issue and it was down to how i enrolled a device. you need to put the username is the following way "domain\user.name" if you just put in "user.name" the device will enroll, but no policies with the exception of the enrollment policy will hit the device.
This only seems to affect iOS devices as the Android client has a specific field for the domain.
Yes the domain\username entry also ensured our profiles deployed via AD groups were pushed down also.
I'hav similar probleme, whitout policie applyed,
if you hav this message witch you double-clic on you domain (in Users admin) (unable to obtain DNS hostname of active Directory domain controller withobject name ..., apply this procedure on the Domain controller mentionned (Resolve 2)
for us, all policies are directly appliqued after this procedure