Forum Discussion
Solved
MDM Session: OMA-DM message failed to be sent. Result: (Unknown Win32 Error code: 0x80072efe).
I'm having an issue with some devices in our environment enrolling successfully into Intune. Here is the lay of the land. 1. Devices are hybrid joined. 2. Using GPO to enforce auto-enrollm...
We believe we figured this out. We are still monitoring it but we believe that SSL decryption was the cause of this. Even though the Microsoft articles say to not do it to https://device.login.microsoftonline.com we tried that with no success we had to exclude all Microsoft traffic from being decrypted on our firewall via a Dynamic List. Hope this helps someone out!
Article in reference was https://learn.microsoft.com/en-us/azure/active-directory/devices/howto-hybrid-azure-ad-join that mentioned just that one URL.We also prevented our PCs from being Azure AD Registered as Hybrid was our preferred method and we set the following registry key.
HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin "BlockAADWorkplaceJoin"=dword:00000001
Sounds like a fun issue! 🙂 ... looking at the error it just tells you WININET_E_CONNECTION_ABORTED
If you could share logs, I could take a look at it...
If you could share logs, I could take a look at it...
- Thanks for the reply!
Any specific logs you are wanting?- depends.... 🙂
Try to sync the device and run this command (will fetch all logs... ms also uses it 🙂 )
wget https://aka.ms/intuneps1 -outfile IntuneODCStandAlone.ps1
powerShell -ExecutionPolicy Bypass -File .\IntuneODCStandAlone.ps1- Private message sent! Thanks!