Forum Discussion

TGreen880's avatar
TGreen880
Copper Contributor
Apr 13, 2023

Failed to create MacOS Enrollment Profile

Hello hoping someone out there might have encountered this or have some advice..

 

I am trying out Intune in combination with Apple Business Manager (ABM). I followed the guides on setting up ABM with our Azure AD and Intune environments, created the required MDM Push Certificates, VPP tokens, etc.

 

I was able to setup the Intune MDM successfully in Intune and ABM, and created an iOS device enrollment profile in Intune which worked well and was able to automatically enroll an iPhone and successfully deploy the company portal app and other apps to it.

 

The issue I'm having is when I go to create the MacOS device Enrollment profile in Intune I select the existing MDM program token and go thru the process but it fails to create the MacOS enrollment profile and instead I get an error "Failed to create <profile name here>". I've tried various settings with the enrollment profile, I even created a new apple enrollment token and tried to setup the MacOS profile with the new token but I get the same error.

 

I followed the article https://learn.microsoft.com/en-us/mem/intune/enrollment/device-enrollment-program-enroll-macos and don't see any missing steps... I've got the company portal app configured with the PKG as a LOB but it won't even get that far since there isn't an enrollment profile to automatically enroll the MacOS device into Intune. The device however is getting sync'd from ABM and is visible under the Apple enrollment token's device list. Granted I could manually install the Company Portal to enroll the mac with Intune but I am trying to automate this process as best as I can and use the enrollment profile to do so.

 

Any advice or direction you might suggest? From what I can tell everything seems setup correctly... and iOS/Windows devices are working fine its just MacOS I'm stuck on.

 

Thank you in advance.

  • Issue is now shown in Service health:

    Title: Users are unable to edit or create an Apple ADE profile for MacOS using Microsoft Intune

    User impact: Users are unable to edit or create an Apple ADE profile for MacOS using Microsoft Intune.

    Current status: We identified a configuration change after a recent service update that is causing exceptions with editing and creating Apple ADE profiles. We're working to develop and validate a fix to revert the configuration and remediate impact.

    Scope of impact: Your organization is affected by this event, and users who are attempting to edit or create an Apple Automated Device Enrollment (ADE) profile for MacOS using Microsoft Intune are impacted.

    Start time: Tuesday, April 4, 2023, 10:17 PM (8:17 PM UTC)

    Root cause: A recent service update contained a configuration change for Apple ADE profiles that is causing exceptions.

    Next update by: Tuesday, April 18, 2023, 11:00 AM (9:00 AM UTC)
  • JelleK97's avatar
    JelleK97
    Copper Contributor
    They fixed the issue. I'm able to create MacOS enrollment profiles again.
    • TGreen880's avatar
      TGreen880
      Copper Contributor
      Thanks! I'll give it a whirl this afternoon.
      I appreciate everyone's help!
  • JelleK97's avatar
    JelleK97
    Copper Contributor

    I am having the same issue

     

    Edit: If you followed the steps in the article, it should work, I succesfully created profiles like this earlier, but is not working anymore, I'm getting the same error now.

     

    I reported an issue in Microsoft 365 service health, but it has a state of no issues found. If it's still broken next week I will open a support ticket with Microsoft. 

     

     

     

    • fecg_admin's avatar
      fecg_admin
      Copper Contributor
      Just a quick update, I initiated a support ticket with Microsoft and they confirmed that they were able to reproduce the problem. Apparently this is currently a bug on the platform that has not yet been publicly published to the health status page. They expect that to be published by Monday.
      • Martin Front's avatar
        Martin Front
        Brass Contributor

        fecg_admin have you recieved any updates. Trying to create a profile now and have the same issue.

         

        We have a couple of MAC´s waiting for the profile to be able to enroll them and send them out to users...

  • JelleK97's avatar
    JelleK97
    Copper Contributor
    Issue is now shown in Service health:

    Title: Users are unable to edit or create an Apple ADE profile for MacOS using Microsoft Intune

    User impact: Users are unable to edit or create an Apple ADE profile for MacOS using Microsoft Intune.

    Current status: We identified a configuration change after a recent service update that is causing exceptions with editing and creating Apple ADE profiles. We're working to develop and validate a fix to revert the configuration and remediate impact.

    Scope of impact: Your organization is affected by this event, and users who are attempting to edit or create an Apple Automated Device Enrollment (ADE) profile for MacOS using Microsoft Intune are impacted.

    Start time: Tuesday, April 4, 2023, 10:17 PM (8:17 PM UTC)

    Root cause: A recent service update contained a configuration change for Apple ADE profiles that is causing exceptions.

    Next update by: Tuesday, April 18, 2023, 11:00 AM (9:00 AM UTC)
  • fecg_admin's avatar
    fecg_admin
    Copper Contributor
    We are also having this issue right now. I was able to create iPad enrollment profiles and got those working, but cannot create a profile for our new Mac Mini.

    I get the same error: "Failed to create [profile name]" with no further explanation.
  • bingbongboom's avatar
    bingbongboom
    Copper Contributor

    Same issue with our tenant. I have opened a support request as our TAM said they did not see a global issue created yet. 

  • kt9084's avatar
    kt9084
    Copper Contributor
    I had the same issue. Talked to support today. Guy called me back a couple of times but he clearly had no clue what to do. Not mad at him. Hopefully this is resolved soon because I have macs waiting to be enrolled.
  • Martin Front's avatar
    Martin Front
    Brass Contributor

    Anyone know if we could create a profile through PowerShell? Have asked the technician we have on the case but no answer 😞