3.1.5.1 Provision Command
The Provision command enables client devices to send the server information about the device, to request from the server the security policy settings set by the server administrator, and to report on the status of a remote wipe directive.
The provisioning process has two phases: an initial phase consisting of a Provision command request sent by the client followed by an initial server response, then an acknowledgment phase consisting of a Provision command request sent by the client with an acknowledgment of the initial server response, followed by another server response.
Clients SHOULD begin the provisioning process in the following scenarios:
-
When contacting the server for the first time.
-
When the server returns a status code<3> from any command indicating that the client needs to re-provision.
-
When the server returns a status code from any command requesting a remote wipe.
The format of the Provision command request and response differs based on the context in which it is used. The contexts for the Provision command are:
-
The initial request, as specified in section 3.1.5.1.1.
-
Acknowledging security policy settings, as specified in section 3.1.5.1.2.1.
-
Acknowledging a remote wipe directive, as specified in section 3.1.5.1.2.2.
The current security policy settings on the client are represented by the current policy key, which is sent to the server in the X-MS-PolicyKey header ([MS-ASHTTP] section 2.2.1.1.2.6) if the client is using a plain text query value, as specified in [MS-ASHTTP] section 2.2.1.1.1.2, or the Policy key field of the base64 encoded query value ([MS-ASHTTP] section 2.2.1.1.1.1) if the client is using a base64 encoded query value. The policy key is sent to the server for all protocol command requests except for the Autodiscover command ([MS-ASCMD] section 2.2.2.1), the Ping command ([MS-ASCMD] section 2.2.2.11), and the HTTP OPTIONS command ([MS-ASHTTP] section 2.2.3).
