Share via

3.6.4.2.1.1 Asynchronous Enrollment Request

  • Article

To enable "airgap" networks that do not have Internet connectivity, the Enroll SOAP request can be written to an ASCII text file (using a SOAP-compatible encoding format) and submitted asynchronously at https://activation.drm.microsoft.com/offlineenroll/Enrollment.aspx.

The request message MUST be sent as an ASCII text file with no additional headers or footers. This schema MUST be adhered to exactly.

 <?xml version="1.0"?>
 <s:schema targetNamespace="http://microsoft.com/DRM/EnrollmentService"
     elementFormDefault="qualified"
     xmlns:xsd="http://www.w3.org/2001/XMLSchema">
   
   <s:import namespace="http://microsoft.com/DRM/EnrollmentService"/>
   <s:complexType name="EnrollParameters"
                  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
     <s:element name="RevocationInformation"
                type="tns:EnrolleeRevocationInformation"/>
     <s:element name="CertificatePublicKey"
                type="tns:EnrolleeCertificatePublicKey"
                xmlns="http://microsoft.com/DRM/EnrollmentService">/>
     <s:element name="EnrolleeInformation"
                type="tns:EnrolleeServerInformation"
                xmlns="http://microsoft.com/DRM/EnrollmentService">/>
    </s:complexType>
 </s:schema>

EnrollmentParameters.RevocationInformation: MUST be an EnrolleeRevocationInformation (section 3.6.4.2.4.2) complex type. The RevocationType element MUST be either "StandardRevocation" or "CustomRevocation", specified as a string. "StandardRevocation" indicates that the issuer can revoke the SLC. "CustomRevocation" indicates that a third party specified by aRevocationAuthorities  can revoke the SLC. "StandardRevocation" is recommended. The aRevocationAuthorities element MUST exist only if RevocationType is set to "CustomRevocation" and MUST be empty otherwise. If RevocationType is set to "CustomRevocation", this MUST contain one or more RevocationAuthorityInformation elements, as specified in section 3.6.4.2.4.5.

EnrollmentParameters.CertificatePublicKey: MUST be an EnrolleeCertificatePublicKey (section 3.6.4.2.4.1) complex type. The aPublicKeyBytes element MUST contain the server's RSA PKCS#1-encoded public key as a base64-encoded string. GUID MUST be a unique GUID that identifies the server, represented as a literal ASCII string enclosed in braces.

EnrollmentParameters.EnrolleeInformation: MUST be an EnrolleeServerInformation (section 3.6.4.2.4.3) complex type. Version contains version information. The enrollment service validates that Version is not NULL and is not an empty string.  The SKU, Name, and URL elements are ignored by the enrollment service.