deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 05:17:22 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

Removed unnecessary indentation in code; added missing </s:Envelope>

Browse Source
This commit is contained in:
Gary Moore 2021-07-13 20:59:31 -07:00 committed by GitHub
parent 40ce58718d
commit ce6231a203
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 288 additions and 287 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

25
windows/client-management/mdm/federated-authentication-device-enrollment.md
View File

@ -89,8 +89,8 @@ https://EnterpriseEnrollment.Contoso.com/EnrollmentServer/Discovery.svc
The following example shows the discovery service request.
```xml
<?xml version="1.0"?>
<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing"
<?xml version="1.0"?>
<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:s="http://www.w3.org/2003/05/soap-envelope">
<s:Header>
<a:Action s:mustUnderstand="1">
@ -119,7 +119,7 @@ The following example shows the discovery service request.
</request>
</Discover>
</s:Body>
</s:Envelope>
</s:Envelope>
```
The discovery response is in the XML format and includes the following fields:
@ -196,7 +196,7 @@ The server has to send a POST to a redirect URL of the form ms-app://string (the
The following example shows a response received from the discovery web service which requires authentication via WAB.
```xml
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">
@ -226,7 +226,7 @@ The following example shows a response received from the discovery web service w
</DiscoverResult>
</DiscoverResponse>
</s:Body>
</s:Envelope>
</s:Envelope>
```
## Enrollment policy web service
@ -251,7 +251,7 @@ The &lt;wsse:BinarySecurityToken&gt; element contains a base64-encoded string. T
The following is an enrollment policy request example with a received security token as client credential.
```xml
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
@ -288,7 +288,7 @@ The following is an enrollment policy request example with a received security t
<requestFilter xsi:nil="true"/>
</GetPolicies>
</s:Body>
</s:Envelope>
</s:Envelope>
```
After the user is authenticated, the web service retrieves the certificate template that the user should enroll with and creates enrollment policies based on the certificate template properties. A sample of the response can be found on MSDN.
@ -301,7 +301,7 @@ MS-XCEP supports very flexible enrollment policies using various Complex Types a
The following snippet shows the policy web service response.
```xml
<s:Envelope
<s:Envelope
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing">
@ -374,7 +374,7 @@ The following snippet shows the policy web service response.
</oIDs>
</GetPoliciesResponse>
</s:Body>
</s:Envelope>
</s:Envelope>
```
## Enrollment web service
@ -393,7 +393,7 @@ The RST may also specify a number of AdditionalContext items, such as DeviceType
The following example shows the enrollment web service request for federated authentication.
```xml
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
@ -470,6 +470,7 @@ The following example shows the enrollment web service request for federated aut
</ac:AdditionalContext>
</wst:RequestSecurityToken>
</s:Body>
</s:Envelope>
```
After validating the request, the web service looks up the assigned certificate template for the client, update it if needed, sends the PKCS\#10 requests to the CA, processes the response from the CA, constructs an OMA Client Provisioning XML format, and returns it in the RequestSecurityTokenResponse (RSTR).
@ -495,7 +496,7 @@ Here is a sample RSTR message and a sample of OMA client provisioning XML within
The following example shows the enrollment web service response.
```xml
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
@ -531,7 +532,7 @@ The following example shows the enrollment web service response.
</RequestSecurityTokenResponse>
</RequestSecurityTokenResponseCollection>
</s:Body>
</s:Envelope>
</s:Envelope>
```
The following code shows sample provisioning XML (presented in the preceding package as a security token):