Forum Discussion
Flo-KKIT
Copper Contributor
Dec 12, 2024
Intune enrollment of a device wiped from Intune
Description of the problem:
We are facing an issue with a Windows device that was previously manually deleted from Intune and Microsoft Entra ID. The device was originally configured correctly as Microsoft Entra hybrid joined.
Current status:
- Device status in Microsoft Entra ID:
  - The device was visible in the Entra ID after deletion twice:
    - Microsoft Entra hybrid joined
    - Microsoft Entra registered
  - We deleted the Microsoft Entra registered entry, but the hybrid join entry was still present.
- Actions taken:
  - The device was connected to the company network.
  - The dsregcmd /leave command was executed to reset the Azure AD status.
  - After a restart, the device was successfully hybrid-joined again (via Azure AD Connect).
- MDM group policy is enabled:
  - The Automatic enrollment with Azure AD policy is configured and applied.
- Expectation: The device should automatically re-enroll in Intune after the restart.
- Result:
  - The device does not reappear in Intune.
  - Enrollment is not triggered automatically, although all prerequisites appear to be met.
Objective:
We urgently need support to find out:
- How can we re-enroll Windows devices that were previously deleted from Intune?
- Is a manual action required, or can this be automated?
- What additional steps or configurations are necessary to force MDM enrollment?
Additional information:
- Operating system: Windows 11 23H2
- Status of dsregcmd /status:
  - AzureAdJoined: YES
  - DomainJoined: YES
- Group policies:
  - Automatic enrollment with Azure AD is enabled and applied.

- ToniG (Copper Contributor)
Hi everyone,
I am experiencing the same issue. I deleted the devices from Entra ID that were directly registered in Entra, and they subsequently disappeared from Intune. This happened with the first set of devices. Once I noticed the problem, I deleted them before enrolling into Intune, but now I need to fix the initial devices. Has anyone found a solution to this problem?
Thank you!
- Ankido (Iron Contributor)
Hi, you can re-register them if you have properly removed them. By "properly," I mean:
- Deleting the hash and serial numbers for the devices.
  The reason for this is that if you try to re-register devices and their serial numbers, the process will fail because Intune recognizes the serial numbers and will complain that the devices are already registered.
- Have you used the "Wipe" option? The wipe performs a complete reset to the device's factory settings:
  - Deletes all personal and corporate data
  - Deletes all settings and applications
  - Unregisters the device from Azure AD and Intune
  - Returns the device to its original state
Steps to Verify:
- Check Intune > Devices > Windows to see if the devices are removed.
- Check Intune > Devices > Enrollment and scroll down to Windows Autopilot > Devices to verify if the serial numbers are deleted.
- As you mentioned earlier, also check Entra ID > Devices.
For example, I have re-registered my Windows 11 device that I used in Hyper-V 15 times without any issues.
One more thing: check the Device Restrictions policy. By default, it allows up to 15 devices per user. If this policy has been modified to, say, 2 devices per user, the user might have already reached the limit.
Let me know if you need further help!
- rahuljindal-MVP (Bronze Contributor)
If the hybrid join is successful and the issue is only with Intune enrolment, then I'll suggest checking the device management event logs to see if the device is receiving the MDM URL and authentication token from AAD for enrolment or not.
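
The check suggested in the last reply, as an added PowerShell example that is not part of any post in this thread: it reads the join state, MDM URL and PRT state from `dsregcmd /status`, then lists recent auto-enrollment events from the device management log. It assumes the auto-enroll success and failure events are IDs 75 and 76, as Microsoft's auto-enrollment troubleshooting guidance describes; the helper name `Get-DsregField` is hypothetical.

```powershell
# Added example: run on the affected device, as the signed-in user whose
# credentials the auto-enrollment policy uses (AzureAdPrt is per user).

function Get-DsregField {
    param([string[]]$Lines, [string]$Name)
    # dsregcmd /status prints "   Name : Value"; return the value or $null.
    foreach ($line in $Lines) {
        if ($line -match "^\s*$([regex]::Escape($Name))\s*:\s*(.*)$") {
            return $Matches[1].Trim()
        }
    }
    return $null
}

$status = dsregcmd /status
$report = [ordered]@{
    AzureAdJoined = Get-DsregField $status 'AzureAdJoined'
    DomainJoined  = Get-DsregField $status 'DomainJoined'
    MdmUrl        = Get-DsregField $status 'MdmUrl'
    AzureAdPrt    = Get-DsregField $status 'AzureAdPrt'
}
[pscustomobject]$report | Format-List

# An empty MdmUrl means the tenant did not hand the device an MDM
# enrollment endpoint, so the enrollment task has nothing to call.
if (-not $report.MdmUrl) {
    Write-Warning 'MdmUrl is empty: check the MDM user scope and licensing for this user.'
}
# Without a Primary Refresh Token the device cannot get the
# authentication token used for enrollment.
if ($report.AzureAdPrt -ne 'YES') {
    Write-Warning 'AzureAdPrt is not YES: the user has no PRT on this device.'
}

# Recent auto-enrollment results (assumed IDs: 75 = succeeded, 76 = failed).
$log = 'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'
$events = Get-WinEvent -LogName $log -MaxEvents 200 -ErrorAction SilentlyContinue |
    Where-Object { $_.Id -in 75, 76 }

if ($events) {
    $events | Select-Object TimeCreated, Id, LevelDisplayName, Message | Format-List
} else {
    Write-Warning 'No auto-enrollment events found: the enrollment task may not have run.'
}
```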