Forum Discussion
MDM Session: OMA-DM session ended with status: (Unknown Win32 Error code: 0x80072f0c)
martingroen Did you ever get any help for this? I am having the exact same problem, thanks
NFederico No one offered any help. It is a weird error message. I couldn't find any mention of it on the internet.
What version of Windows 10 are you on? This happened with a couple of laptops that had upgraded themselves to Windows 10 20H2. I resolved the matter by resetting the Windows installation from the cloud. Now they are happily syncing again with Intune.
Best wishes
Martin
- NFederico, Nov 28, 2020, Copper Contributor
martingroen Yes! That is exactly what happened with ours as well! We upgraded to edition 19041 (2004) and these workstations immediately stopped checking in to Intune and now we cannot re-enroll them. What do you mean by "resetting the Windows installation"? Do you mean you rolled back the upgrade? Unfortunately I am not in the position to do that because we require 2004 for full Windows Defender Application Control functionality with custom OMA-URIs
- martingroen, Nov 28, 2020, Copper Contributor
NFederico Annoying isn't it. Seems to be some bug that MS have forgotten to address. 😉
Anyway, I didn't downgrade, I just downloaded a fresh install from the cloud. This is a new option in Win10 2004 that is extremely useful. I followed these steps, "Optimize Windows 10 PC reset using the cloud", making sure I clicked on the 'Keep my files' option. Unfortunately, I had to repeat this procedure with every laptop; it's very time consuming. But the colleagues get to keep their files and Intune syncing resumed so I could enforce my policies again and indeed enforce Advanced Threat Protection again and firewall policies. @microsoftsupport could you correct this before you release version 2101?
- NFederico, Nov 29, 2020, Copper Contributor
martingroen Hey, I worked on this today and was able to resolve it on several computers without resorting to reinstalling Windows, if you are interested. First, I removed the computers from the AAD Connect sync and GPO scope and completely purged them from Intune and AAD. I then ran dsregcmd /leave from an elevated command prompt on each workstation console. Next, navigate to the following registry hive on each impacted workstation: HKLM\SOFTWARE\Microsoft\Enrollments. Delete as many GUID-named keys as possible from this directory (example attached). Ignore any keys that cannot be deleted. Now restart the workstation and add it back to the AAD Connect sync and GPO containers/groups. Once I logged back in with a MEM-licensed AAD user (user auto enrollment), my devices were once again managed by Intune within the next ~15 minutes. Good luck and thanks for your collaboration on this!
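
The registry step from the post above, as an added PowerShell example (not the poster's own script): it exports the Enrollments hive to a backup, then removes only GUID-named subkeys and reports any that could not be deleted. The backup directory and the `ProviderID`/`UPN` value names read for the report are assumptions.

```powershell
#Requires -RunAsAdministrator
[CmdletBinding(SupportsShouldProcess)]
param(
    # Hypothetical backup location (assumption); change to suit.
    [string]$BackupDir = "$env:SystemDrive\EnrollmentBackup"
)

$root        = 'HKLM:\SOFTWARE\Microsoft\Enrollments'
$guidPattern = '^\{?[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}?$'

# Back up the whole hive first so a deleted key can be restored with "reg import".
# -WhatIf:$false keeps the backup working during a dry run.
New-Item -ItemType Directory -Path $BackupDir -Force -WhatIf:$false | Out-Null
$backup = Join-Path $BackupDir ("Enrollments-{0:yyyyMMdd-HHmmss}.reg" -f (Get-Date))
reg.exe export 'HKLM\SOFTWARE\Microsoft\Enrollments' $backup /y | Out-Null
if ($LASTEXITCODE -ne 0) { throw 'Backup failed; nothing was deleted.' }

# Only GUID-named subkeys are candidates; every other subkey is left alone.
$keys = Get-ChildItem -Path $root | Where-Object { $_.PSChildName -match $guidPattern }

$results = foreach ($key in $keys) {
    # ProviderID and UPN are assumed value names; the columns stay blank if absent.
    $props   = Get-ItemProperty -Path $key.PSPath -ErrorAction SilentlyContinue
    $removed = $false
    if ($PSCmdlet.ShouldProcess($key.Name, 'Remove enrollment key')) {
        try {
            Remove-Item -Path $key.PSPath -Recurse -Force -ErrorAction Stop
            $removed = $true
        } catch {
            # The post says to ignore keys that cannot be deleted: record and continue.
            Write-Warning "Could not delete $($key.PSChildName): $($_.Exception.Message)"
        }
    }
    [pscustomobject]@{
        Key        = $key.PSChildName
        ProviderID = $props.ProviderID
        UPN        = $props.UPN
        Removed    = $removed
    }
}

$results | Format-Table -AutoSize
Write-Host "Backup written to $backup"
```

Run it with `-WhatIf` first to list the candidate keys without deleting anything; the backup is still written in that mode.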