Forum Discussion
Issues with Windows 11 Autopilot Hybrid Joined Since last Week
Hi all,
as of Thursday 4th December our Windows 11 Autopilot (Hybrid Joined) has ceased functioning. On the very first step, after the user attempts to enter their username&password, we can see the deployment profile gets downloaded to the device but then everything immediately stops with error "Something went wrong. Confirm you are using the correct sign-in information and that your organisation uses this feature. You can try and do this again and contact your system administrator with the error code 800004005". We can see that the ODJ process never starts. And we think we're seeing errors with the device reading the deployment profile JSON locally.
Has anyone else had any errors? Wondering if Microsoft have made a change somewhere or have issues.
6 Replies
We’ve been experiencing multiple issues with Autopilot pre-provisioning using the Hybrid Join profile in our tenant over the past few weeks.
- Various applications deployed during device setup are failing inconsistently across different devices.
- The user flow is taking hours to complete and often does not bring users to the desktop. The microsoft-windows-user device registration-admin.evtx log does not show any errors explaining why users are unable to sign in.
Our Intune connector for active directory is up to date (version 6.2505.2001.2)
Please any suggestions on additional steps we can take?
ThanksIs the device join profile applying correctly? Also, if it the process is reporting failure against installation of applications, then I would start checking there first.
biggingerdazza We ran into the same problem and fixed it. Its because your Intune Connector for Active Directory is in error mode. As of the 4th December, if you were using the old connector, it won't process anymore AD joins/computer object creations.
Go to Intune, Devices, Enrolment, Windows, Intune Connector for AD. You'll see its in an error state. You'll see a link above to an Intune blog with instructions.
Effectively...
- Uninstall old legacy connector on Windows server
- Install new connector on Windows server (can be the same machine)
- Within the connector, login with an account which has Intune Admin minimum AND Intune license.
- This is new - OU placement via script - if you want the process to place new computer objects into specific OU
- This is new - create a new managed service account which will do the ODJ
This may require a deep dive, but you can start by checking for some basics - is the device assigned with an AP profile? Has the process ever worked? Do you need to check for the Intune endpoints for network\FW connectivity etc?
Yes it is assign with AP profile.
Yes - it worked for 300+ devices until Thursday morning.
I think FW rules are fine... this has been working for months. Entra AD Sync devices green healthy statusSee if this is affecting you or not.
