deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-29 17:23:44 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Removed unnecessary indentation in code; added missing </s:Envelope>

Browse Source
This commit is contained in:
Gary Moore
2021-07-13 20:59:31 -07:00
committed by GitHub
parent 40ce58718d
commit ce6231a203
1 changed files with 288 additions and 287 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
windows/client-management/mdm/federated-authentication-device-enrollment.md
View File

@ -89,8 +89,8 @@ https://EnterpriseEnrollment.Contoso.com/EnrollmentServer/Discovery.svc
The following example shows the discovery service request. The following example shows the discovery service request.
```xml ```xml
<?xml version="1.0"?> <?xml version="1.0"?>
<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" <s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:s="http://www.w3.org/2003/05/soap-envelope"> xmlns:s="http://www.w3.org/2003/05/soap-envelope">
<s:Header> <s:Header>
<a:Action s:mustUnderstand="1"> <a:Action s:mustUnderstand="1">
@ -119,7 +119,7 @@ The following example shows the discovery service request.
</request> </request>
</Discover> </Discover>
</s:Body> </s:Body>
</s:Envelope> </s:Envelope>
``` ```
The discovery response is in the XML format and includes the following fields: The discovery response is in the XML format and includes the following fields:
@ -196,7 +196,7 @@ The server has to send a POST to a redirect URL of the form ms-app://string (the
The following example shows a response received from the discovery web service which requires authentication via WAB. The following example shows a response received from the discovery web service which requires authentication via WAB.
```xml ```xml
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing"> xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header> <s:Header>
<a:Action s:mustUnderstand="1"> <a:Action s:mustUnderstand="1">
@ -226,7 +226,7 @@ The following example shows a response received from the discovery web service w
</DiscoverResult> </DiscoverResult>
</DiscoverResponse> </DiscoverResponse>
</s:Body> </s:Body>
</s:Envelope> </s:Envelope>
``` ```
## Enrollment policy web service ## Enrollment policy web service
@ -251,7 +251,7 @@ The &lt;wsse:BinarySecurityToken&gt; element contains a base64-encoded string. T
The following is an enrollment policy request example with a received security token as client credential. The following is an enrollment policy request example with a received security token as client credential.
```xml ```xml
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
@ -288,7 +288,7 @@ The following is an enrollment policy request example with a received security t
<requestFilter xsi:nil="true"/> <requestFilter xsi:nil="true"/>
</GetPolicies> </GetPolicies>
</s:Body> </s:Body>
</s:Envelope> </s:Envelope>
``` ```
After the user is authenticated, the web service retrieves the certificate template that the user should enroll with and creates enrollment policies based on the certificate template properties. A sample of the response can be found on MSDN. After the user is authenticated, the web service retrieves the certificate template that the user should enroll with and creates enrollment policies based on the certificate template properties. A sample of the response can be found on MSDN.
@ -301,7 +301,7 @@ MS-XCEP supports very flexible enrollment policies using various Complex Types a
The following snippet shows the policy web service response. The following snippet shows the policy web service response.
```xml ```xml
<s:Envelope <s:Envelope
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing"> xmlns:a="http://www.w3.org/2005/08/addressing">
@ -374,7 +374,7 @@ The following snippet shows the policy web service response.
</oIDs> </oIDs>
</GetPoliciesResponse> </GetPoliciesResponse>
</s:Body> </s:Body>
</s:Envelope> </s:Envelope>
``` ```
## Enrollment web service ## Enrollment web service
@ -393,7 +393,7 @@ The RST may also specify a number of AdditionalContext items, such as DeviceType
The following example shows the enrollment web service request for federated authentication. The following example shows the enrollment web service request for federated authentication.
```xml ```xml
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
@ -470,6 +470,7 @@ The following example shows the enrollment web service request for federated aut
</ac:AdditionalContext> </ac:AdditionalContext>
</wst:RequestSecurityToken> </wst:RequestSecurityToken>
</s:Body> </s:Body>
</s:Envelope>
``` ```
After validating the request, the web service looks up the assigned certificate template for the client, update it if needed, sends the PKCS\#10 requests to the CA, processes the response from the CA, constructs an OMA Client Provisioning XML format, and returns it in the RequestSecurityTokenResponse (RSTR). After validating the request, the web service looks up the assigned certificate template for the client, update it if needed, sends the PKCS\#10 requests to the CA, processes the response from the CA, constructs an OMA Client Provisioning XML format, and returns it in the RequestSecurityTokenResponse (RSTR).
@ -495,7 +496,7 @@ Here is a sample RSTR message and a sample of OMA client provisioning XML within
The following example shows the enrollment web service response. The following example shows the enrollment web service response.
```xml ```xml
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" <s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header> <s:Header>
@ -531,7 +532,7 @@ The following example shows the enrollment web service response.
</RequestSecurityTokenResponse> </RequestSecurityTokenResponse>
</RequestSecurityTokenResponseCollection> </RequestSecurityTokenResponseCollection>
</s:Body> </s:Body>
</s:Envelope> </s:Envelope>
``` ```
The following code shows sample provisioning XML (presented in the preceding package as a security token): The following code shows sample provisioning XML (presented in the preceding package as a security token):