Forum Discussion
Solved
Hybrid AAD devices have stopped auto-enrolling with Intune
We have been using a Hybrid AAD scenario for a few years, and then a couple of years ago we began using Intune. Everything has been working, but in the last month or so we noticed systems were not en...
Found a response on another forum about Group Policy needing to be replaced with the same rule, just rebuilt. Our Group Policy had always been User Credential, but to test I switched to Device Credential and then any machine that was rebound to the domain would then go through the full process of joining EntraID and then eventually Intune. Am going to experiment with a seperate GPO that goes back to User Credentials but is all new and see if that works. No idea why a GPO would suddenly stop working that is so basic, but it appears that "refreshing" it solves the issue.
Are the devices successfully Entra ID hybrid joined? Have you checked the user registration event log and\or run the dsregcmd status\debug mode to see where the process is failing?
They are joining Entra with no issues. We can find all of them. Checked the enrollment errors in Intune but it is not showing any except for those we expect from BYOD devices we are blocking. What am I looking for in the DSREG output? I am seeing that it is AzureADJoined, and it shows the MDM URL.