Forum Discussion

Copper Contributor

Nov 21, 2020

Solved

Trying to learn Intune - stuck at MDM "Your device is already being manged by an organization"

I'm trying to learn Intune and Endpoint manager so I'm going through the Pluralsight course https://app.pluralsight.com/paths/skills/implementing-mobile-device-management-mdm-with-microsoft-intune by...

Intune

mobile device management (mdm)

David-B
Nov 23, 2020
The issue has been resolved. The default configuration was for MAM user scope to be set to All when it needs to be set to None.

To get to the correct screen, go to Microsoft Endpoint Manager, click Devices, Enroll Devices, click Automatic Enrollment. Changing MAM from All to None, unmanaging the devices currently in AAD, then adding them again via the Company Portal store app.

Tic_Patrick

Brass Contributor

Apr 13, 2021

David-B

Hi David,

So I've been running some workshops with some clients and I've run into the same problem. It really sucked that it happend during a live demo but all assured I did some troubleshooting.

Apparently the Company Portal App is bugged...

Here are my settings: MAM and MDM are set to all or can be set to some, it doesn't matter. They should work in tandem ...

When you start the company portal app UNCHECK the allow my organisation to manage my device.

Everything works smoothly afterwards. I don't even get why that option is there in the first place. Even if it's unchecked it still registers the device with Azure AD...

I simply proceed then to the allow the organisation to manage my device. It worked.

Hope it helps,

Patrick

Rudy_Ooms_MVP

MVP

Apr 15, 2021

Tic_Patrick

Hi, I guess everyone is wondering the same question.

But working in tandem? Microsoft explains MAM and MDM very well

If you don't want to register the device, you will need to click on no, sign in to this app only

HKLM\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin, "BlockAADWorkplaceJoin"=dword:00000001
https://docs.microsoft.com/en-us/azure/active-directory/devices/faq

Tic_Patrick
Brass Contributor
Apr 15, 2021
Right, I completely missed that thing(as in I didn't know about the precedence of MAM over MDM for BYOD, thanks for that) but I was actually referring that having both those option applied shouldn't be the cause of the error "your device is already registered with another organisation". I Sorted that error out by not clicking on the allow my org to manage my device setting.
Sheesh, I'm confused.. oh well, get your troubleshooting boots on!
- Rudy_Ooms_MVP
  MVP
  Apr 15, 2021
  Hi,
  
  It's something that's quickly overlooked indeed. Old registry settings and old account connections could be the cause of the warning/error. When giving a demo, always make sure the device has a nice clean install :). I also made the mistake myself when I wanted to show something to a colleague
  - Tic_Patrick
    Brass Contributor
    Apr 15, 2021
    They are always clean installs(fresh VM). so no registry issues. just that silly manage my device option needs to be unchecked). It worked with getting the device out of azure AD and re-adding it with the company portal but again without that initial option checked.
    
    Best of luck!