Forum Discussion

Abinash RGS ICT - Hotmail's avatar
Abinash RGS ICT - Hotmail
Copper Contributor
Feb 24, 2020

unable to logon to the Intune Device

Hi, we have some users who are unable to logon to their Intune Azure AD joined devices (Win 10). When entering password it says "Password Incorrect". Same password works fine when they logon to the Office 365 on different computer.

In Intune portal, Devices tab shows that device as
Enabled Yes
Azure AD Joined
MDM None

 

Not sure how, but the MDM normally says "Microsoft Intune" and these users/devices has "None".
These users cannot logon to the device and also it doesn't gives me an option to logon as other user. Not sure what to do beside wiping it OR Is there a way I can manually add this device as Intune managed from the Azure Portal ?

 

Any help would be much appreciated, thank you.

  • weswhitworth's avatar
    weswhitworth
    Copper Contributor
    I'm having the same issue. Anyone figure this out yet? Also, how can you register the device with AAD when logged in as the local admin? dsregcmd is not available as its not a domain account?
    • natehutch's avatar
      natehutch
      Brass Contributor
      Register is different to join and you would typically do a register or a personal join while logged in as a local admin on the device.

      It would be interesting to know your enrolment scope settings as well as WHfB global settings and device enrollment restrictions, if you have any set.
    • Abinash RGS ICT - Hotmail's avatar
      Abinash RGS ICT - Hotmail
      Copper Contributor

      Jente_Vandijck 

      Not sure if it is related to the MDM User Scope because I have successfully enrolled few Windows devices today.

       

      MDM none is happening on few devices. These devices appears on "Azure AD Devices" but not on "All Devices".  Windows Enrolment >> Devices >> Serial number of device says Not Enrolled for the Enrolment State. Is there a way to re-enroll them without losing the data on the device ?

       

      This is what we have for the MDM User Scope

      screenshot: https://i.snipboard.io/7W3DUw.jpg 

       

       

      • Jente_Vandijck's avatar
        Jente_Vandijck
        Brass Contributor

        Abinash RGS ICT - HotmailSince your MDM user scope is set to all it should be ok. There is something else you should check:

         

        Intune Portal > Device Enrollment > Windows Enrollment > CNAME Validation.

        enter your domain and test if it's successfull.

         

        Sadly, there is no official way to re-enroll your device without losing your profile (remove from Azure AD & add again) - that I know off. You won't loose the data, you just start with a clean profile (you can copy it manually after re-enrolling). I'm not sure if this still works, but you can try downloading the Company Portal App and see what information this gives.

         

Resources