No logged events from ODJ connector service on Windows Server 2022
I am trying to enroll some workstations in our Intune environment via Hybrid AAD. We have the ODJ Connector installed on our Windows server, and the service is running. I have confirmed connectivity to Intune is healthy.
When I go through the user-driven enrollment of the device, I am able to see our organization's login screen as we've set up prior, and I'm able to authenticate to Azure with my credentials. Afterward, I can see the device has enrolled in Intune, but I am not able to get any further than that.
I have checked the ODJ service on the server to see if there are any events related to the creation and uploading of a Blob to Azure, but there are no events logged. When the process finally fails, I am given the typical 80070774 error which people say has something to do with line of sight to the domain controller.
The device is plugged into an ethernet cable in my office and should be able to ping the DC from there. I have also tried to use the wireless LAN connection, but the result is the same. I am unable to use the Shift+F10 trick during enrollment to bring up a cmd prompt to run any PowerShell scripts, to see where the hangup is occurring.
The only information I am able to derive throughout the process is from Intune Device Monitor, which states that there was a failure with the ESP deployment state. A failure related to the Blob has also been observed.
I have gone through most online tutorials and references with regard to setting up AutoPilot and Intune, and nothing seems to help. I have made sure the user has the Intune license, I have made sure the domain-join profile is there, and is not configured incorrectly with the OU path, or with the device name using a special character. I have covered every base I can think of. If anyone has any thoughts on how I can determine why the connection to the domain controller is failing, please let me know!
Thank you in advance!
Keith
- Making some progress now. I don't know why it all of a sudden started working, but I did change my domain join profile back from mycompany.com to mycompany.local and that seemed to work. I was presented with the "Setting up your device for work" window and made it all the way to the Device setup - Apps section when it finally failed.
I have since removed all apps from Intune that I wanted to pre-load onto the device, with the exception of Company Portal and M365 apps. If those successfully install after the device reset is complete, then I will start adding each additional app individually until there is a failure.
- It's more like the connection from the ODJ Connector towards Intune. Does it have internet access to FQDNs/ports/IPs like those mentioned at https://learn.microsoft.com/en-us/mem/intune/fundamentals/intune-endpoints? Can you check firewall logs?
- kandrews5725 (Brass Contributor)
Harm_Veenstra Thanks for your reply. When I launch the ODJ connector wizard on the server, it shows that it is enrolled. I am not able to sign in since that step has already been performed. If I look on my Intune account online, I can see that the connector status is active from that server and healthy. Wouldn't that indicate that the outbound firewall rules are properly configured on the server?
- Seems OK, but firewall logs are always useful to double-check... Hybrid Join is always somewhat complex. The domain join profile is correct, you said, and the deployment profile too, regarding assignments?