Forum Discussion
unable to logon to the Intune Device
Hi, we have some users who are unable to logon to their Intune Azure AD joined devices (Win 10). When entering password it says "Password Incorrect". Same password works fine when they logon to the Office 365 on different computer.
In Intune portal, Devices tab shows that device as
Enabled Yes
Azure AD Joined
MDM None
Not sure how, but the MDM normally says "Microsoft Intune" and these users/devices has "None".
These users cannot logon to the device and also it doesn't gives me an option to logon as other user. Not sure what to do beside wiping it OR Is there a way I can manually add this device as Intune managed from the Azure Portal ?
Any help would be much appreciated, thank you.
- weswhitworthCopper ContributorI'm having the same issue. Anyone figure this out yet? Also, how can you register the device with AAD when logged in as the local admin? dsregcmd is not available as its not a domain account?
- natehutchBrass ContributorRegister is different to join and you would typically do a register or a personal join while logged in as a local admin on the device.
It would be interesting to know your enrolment scope settings as well as WHfB global settings and device enrollment restrictions, if you have any set.
- Jente_VandijckBrass Contributor
Abinash RGS ICT - Hotmailif the MDM is none there's probably something wrong with the Intune Auto Enrollment. For this to work correctly, your MDM User scope should be configured correct - can you check this?
https://docs.microsoft.com/en-us/intune/enrollment/quickstart-setup-auto-enrollment
- Abinash RGS ICT - HotmailCopper Contributor
Not sure if it is related to the MDM User Scope because I have successfully enrolled few Windows devices today.
MDM none is happening on few devices. These devices appears on "Azure AD Devices" but not on "All Devices". Windows Enrolment >> Devices >> Serial number of device says Not Enrolled for the Enrolment State. Is there a way to re-enroll them without losing the data on the device ?
This is what we have for the MDM User Scope
screenshot: https://i.snipboard.io/7W3DUw.jpg
- Jente_VandijckBrass Contributor
Abinash RGS ICT - HotmailSince your MDM user scope is set to all it should be ok. There is something else you should check:
Intune Portal > Device Enrollment > Windows Enrollment > CNAME Validation.
enter your domain and test if it's successfull.
Sadly, there is no official way to re-enroll your device without losing your profile (remove from Azure AD & add again) - that I know off. You won't loose the data, you just start with a clean profile (you can copy it manually after re-enrolling). I'm not sure if this still works, but you can try downloading the Company Portal App and see what information this gives.