Known issue with “Rename device” setting for Windows 10 devices in the Intune console

Intune_Support_Team
Silver Contributor
Mar 29, 2019

Updated 01/25/21 - You can now rename a co-managed device that is Azure AD joined. The “Rename device” setting is currently disabled for Hybrid Azure AD joined devices. Intune Engineering is continuing to work with our Windows and Azure Active Directory teams to investigate this feature and restore its functionality within Intune. Stay tuned to this blog for any future updates regarding this feature.

We’ve discovered an issue with a new feature that was recently released in the console. If you manage Windows 10 devices, you may have seen a new “Rename device” setting in the console to rename an enrolled Windows 10 device. We’ve found that the renaming flow using this setting might not complete on Windows devices that are joined to on-premises Active Directory, including Hybrid Azure AD joined devices. This setting has now been temporarily disabled for Hybrid Azure AD joined devices to prevent device login errors.

Here’s the current experience in the Intune console. When you go to Devices > All Devices and choose a Windows device, you will see an option to rename the device. On renaming the device, the new name is reflected in the Intune console and in Azure AD. However, we’ve seen some cases where the new device name is not reflected in the on-premises Active Directory.

This can result in login errors where a user may be able to log on to their device initially but may experience single sign-on (SSO) errors when they try to log in again after a password change.
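One way to spot the mismatch described above is to compare the two inventories. The following PowerShell is an added example, not code from the Intune team. It assumes device records with the hypothetical property names `DeviceName`/`AzureADDeviceId` on the Intune side and `Name`/`ObjectGUID` on the on-premises AD side, and that for Hybrid Azure AD joined devices the Azure AD device ID equals the computer account's objectGUID.

```powershell
# Added example: report devices whose Intune name differs from the on-premises AD name.
# Property names on both inputs are assumptions made for this illustration.
function Find-RenameDrift {
    param(
        [Parameter(Mandatory)] [object[]] $IntuneDevices,
        [Parameter(Mandatory)] [object[]] $AdComputers
    )
    # Index AD computer accounts by objectGUID. The GUID does not change on
    # rename, so it is a stable join key even when the two names disagree.
    $adByGuid = @{}
    foreach ($c in $AdComputers) {
        $adByGuid[([guid]$c.ObjectGUID).ToString()] = $c
    }

    foreach ($d in $IntuneDevices) {
        $key = ([guid]$d.AzureADDeviceId).ToString()
        $ad  = $adByGuid[$key]
        $status = if (-not $ad) {
            'NoAdAccount'      # no matching computer object was supplied
        } elseif ($ad.Name -ieq $d.DeviceName) {
            'InSync'           # case-insensitive name match
        } else {
            'NameDrift'        # renamed in Intune/Azure AD, old name still in AD
        }
        [pscustomobject]@{
            AzureADDeviceId = $key
            IntuneName      = $d.DeviceName
            AdName          = if ($ad) { $ad.Name } else { $null }
            Status          = $status
        }
    }
}

# Constructed sample data (not taken from the post).
$intune = @(
    [pscustomobject]@{ DeviceName = 'LAB-NEW-01'; AzureADDeviceId = '11111111-1111-1111-1111-111111111111' }
    [pscustomobject]@{ DeviceName = 'LAB-PC-02';  AzureADDeviceId = '22222222-2222-2222-2222-222222222222' }
    [pscustomobject]@{ DeviceName = 'LAB-PC-03';  AzureADDeviceId = '33333333-3333-3333-3333-333333333333' }
)
$ad = @(
    [pscustomobject]@{ Name = 'LAB-OLD-01'; ObjectGUID = [guid]'11111111-1111-1111-1111-111111111111' }
    [pscustomobject]@{ Name = 'lab-pc-02';  ObjectGUID = [guid]'22222222-2222-2222-2222-222222222222' }
)

# Show only the devices that need attention before users hit sign-in errors.
Find-RenameDrift -IntuneDevices $intune -AdComputers $ad |
    Where-Object Status -ne 'InSync'
```

On a domain-joined management host, the AD side can be populated from `Get-ADComputer -Filter *`, which returns `Name` and `ObjectGUID` by default.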

Engineering is still working to understand the cause and remediation. We've temporarily disabled this setting in the console for Hybrid Azure AD joined devices and Azure AD joined co-managed devices (you can now rename a co-managed device that is Azure AD joined) until we have a fix for this issue. Stay tuned to this post for more information as we investigate.

Blog post updates:

  • 5/17/19 - This post previously shared that the impact was limited to Hybrid Azure AD joined devices. We've since updated the post to include Azure AD co-managed devices.

  • 8/7/19 - We’ve received reports from customers around this issue. Engineering is still continuing to restore this feature within the console.
  • 1/17/20 - We've followed up with the team, and they are continuing to work with the respective teams on this feature.
  • 12/30/20 - Updated post on current investigation status.
  • 01/25/21 - Updated post to note that you can now rename a co-managed device that is Azure AD joined.
Updated Dec 19, 2023
Version 12.0

50 Comments

  • DeanBrightonNTT
    Copper Contributor

    Can confirm that I am also having the rename issue. Windows 10 1909 and Hybrid AD Join. Is there a way to turn this feature off per tenant to prevent people breaking users' computers?

  • Stephan Mey
    Copper Contributor

    We are facing the same issue after renaming a test client via Intune -- "The security database on the server does not have a computer account for this workstation trust relationship."

  • simcpk
    Brass Contributor

    It's still an issue for us.  I just renamed a hybrid joined device using the Intune console and now I get the following error when attempting to sign in to the device with an AD account -- "The security database on the server does not have a computer account for this workstation trust relationship."

  • Jim McKay
    Copper Contributor

    It appeared to have been addressed at least for us.... my most recent hybrid joined autopilot box renamed fine... 

  • MHagreis
    Copper Contributor

    Can we get a status update from someone from Microsoft, as this is still a problem with our organization?

  • taslanpour
    Copper Contributor

    Jim MCKAY 

    I'm having this issue only with my PowerShell scripts - When I deploy the script for AzureAD joined devices the script works perfectly and the computer name changes. But when the machine is a Hybrid domain joined device, the PS script fails. Of course, getting the reason for the failure is near impossible with the Intune portal so... I'm just stuck with it for now.

  • Jim McKay
    Copper Contributor

    Any chance that what was done to block this functionality could be preventing hybrid joined machines from being renamed period??? .... even locally from the machine itself? ... I have an autopilot joined machine that neither I (with domain admin privilege and local admin) nor the end user (local admin) can apparently rename his machine... we both get "access denied" when we attempt to do so... the machine is here in the office.

  • taslanpour
    Copper Contributor

    Any idea when this will be resolved? We would like to have the ability to rename computers from the Intune portal. Waiting anxiously on this!

  • Neil Petersen
    Copper Contributor

    Hi,

    Any update on this issue? We are still seeing updates to hybrid join devices still not being reflected within On-Premise AD.

    Thanks,

  • AlexandrosAP
    Brass Contributor

    Hello Intune,

    We are having a very serious issue with Hybrid AAD Joined Windows 10 machines and our MDM users.

    They are able to see their Windows 10 Corporate-Owned Hybrid AAD Joined machines in the Company Portal and from there, issue a Refresh (Wipe) command! This is very dangerous as it allows end users to reset their assigned company machines through their mobile.

    I have already been informed by Intune Support that this is a known issue and should be resolved.

    The logic here should be that if a Windows 10 Domain Joined / Hybrid AAD joined machine is Corporate owned (GPO or SCCM used for automatic enrollment), the "Enrollment user" shouldn't be able to act against those systems. Only designated entities should.

    Please raise this case's impact as it could really cause issues where users unknowingly do such actions (rename should also be blocked for them) as these devices are not under their ownership, rather they are company resources.

    Thanks