Forum Discussion

Nayuta's avatar
Nayuta
Copper Contributor
Aug 06, 2019

Autopilot profile is not assigned if a device already registered Azure AD

When import device information for Autopilot, if the devices already registered to Azure AD, the profile status in Windows Autopilot devices have not changed from ”Not Assigned”.

 

After deleting the device from both Autopilot devices and Azure AD, and import again, it has changed to ”Assigned”.

 

It is the same behavior at import csv file, which created by PowerShell script manually or use Autopilot profile to convert targeted devices.

 

Note that we had not applied Autopilot enrollment to all devices, and we use a security group referring ”ZTDId”. And a security group specified Azure AD devices for convert.

 

And, it seems when import csv file to Autopilot, devices register to Azure AD automatically. If we remove it from Azure AD, the device information will not re-register automatically. Or will it work with the security group of all Azure AD device?

 

I want to know:
1. Import Autopilot information of devices that already registered to Azure AD does it work?
2. With the security group reference ZTDId, does it work?
3. The best practice to register Autopilot information, that device already registered to Azure AD and Intune

 

Thank you for reading. If you know anything about it, please teach me.

  • Tim Miller's avatar
    Tim Miller
    Copper Contributor

    Nayuta I was having the same issue even after removing, re-importing, etc... I was able to go to Microsoft 365 Admin center (admin.microsoft.com) and click on Devices > Autopilot and then select the device and update the profile applied. Took about 15 min or so and the devices now show assigned in Intune Autopilot devices (endpoint.microsoft.com) 

  • BishBoshBish's avatar
    BishBoshBish
    Copper Contributor
    Spent a few hours on this one, boiling my noodle...
    Trick is to: (with the device still in AutoPilot, not deleted)
    Look in Windows Autopilot devices in MEM.
    Search for the serial of your machine, select it.
    When the side bar opens with all the info of the device, look at the Computer Name of the Associated Azure AD device.
    Make a note of that..
    Now you can delete the Serial in Windows Autopilot devices. Wait while that happens.
    Go in to AzureAD - Devices. Search for the rouge Associated Azure AD device (from above)
    Delete it. (You can delete it now the associated Windows Autopilot device has been deleted)
    (If the delete button is not available then the associated Windows Autopilot devices still exists)

    Now you can upload your device HWID back in to Windows Autopilot devices.
    Wait for it to be associated, then do a build.

    BA BA BA BA Bingo!!!
    Hope it helps you guys.
    Bish.
    • ChrisPBacon8675309's avatar
      ChrisPBacon8675309
      Copper Contributor

      BishBoshBish 

      This is the way. None of the other recommendations worked but sure enough, did exactly as you described and bam, refreshed and it flipped from Not Assigned to Assigned. You da real MVP.

  • scubaAl's avatar
    scubaAl
    Copper Contributor
    I notice this is over a year old - but I am still encountering the same issue. Did anyone get a definitive fix - or is it still a known issue?
    • Marcos_Paula's avatar
      Marcos_Paula
      Copper Contributor
      I think I just realized how to solve this issue.
      I went to the deployment profile (with the dynamic group), click to edit the basics information, add some text there in description box and save. The deployment will reload and update devices in autopilot table. Now all are assigned. For me it worked.
      • amawji's avatar
        amawji
        Copper Contributor
        Thank you Marcos I still have no idea why this works but it does.
    • Matthias Haldimann's avatar
      Matthias Haldimann
      Copper Contributor

      scubaAl I also still encounter the same issue. A workaround that mostly works is deleting the device from the tenant first, registering it for Autopilot (using csv or graph api), then doing a local windows reset on the device.

    • Nayuta's avatar
      Nayuta
      Copper Contributor
      Hi scubaAI,

      In my environment, it works fine.

      Currently, I convert devices by autopilot profile and use groups to assign autopilot profiles. Profiles assignment needs some wait time.

      Nayuta
  • Moe_Kinani's avatar
    Moe_Kinani
    Bronze Contributor
    Hi Nayuta,

    This is normal behavior, if you importing the devices using csv file, you need to make sure that the devices do not exist in Azure AD at all. If you have existing devices and you want to apply Auto Enrollment Deployment Profile, you just need hit yes on ‘Convert all Targeted device to Auto Pilot’.

    Hope I’m understanding your scenario correctly!

    Moe

    https://www.google.com/amp/s/secureinfra.blog/2019/10/31/convert-all-targeted-devices-to-autopilot/amp/
    • LurkingMedal140's avatar
      LurkingMedal140
      Copper Contributor

      Moe_Kinani 

       

      In my instance, the property 'Convert all targeted devices to Autopilot' is already configured to yes. 

       

      However, Devices registered for autopilot are not pulling a profile. 

       

      Thanks 

      • Moe_Kinani's avatar
        Moe_Kinani
        Bronze Contributor

        LurkingMedal140 

         

        Could you add the PCs to regular Security group and assign them to the deployment profile? It might be the dynamic group somehow dropping the PCs.

         

        Moe

  • LurkingMedal140's avatar
    LurkingMedal140
    Copper Contributor

    Having the same issues here (UK) 

    When importing Devices into the Autopilot, any devices using the [ZTDId] are not having profiles assigned. 

     

    I have also noted the 'sync', is roughly instant, this is abnormal as usually, it takes a few minutes before successful sync is reported

    Nayuta 

Resources