Forum Discussion
Kitram
Aug 25, 2021Copper Contributor
The CPC-* device won't sync with AAD
When I want to provision a device, it creats me a CPC-* device in my on prem AD, but it won't sync to AAD. Even in Synchronzation Service Manager i see that one new device is added, i am not able to s...
xTwoTwo
Oct 15, 2021Copper Contributor
Hi,
have you ever managed to sort this out?! I'm facing the exact same issue at the moment.
Cheers, Maarten
- EricOrmanOct 19, 2021MicrosoftHybrid Azure AD join has to be enabled in Azure AD connect in order to sync devices that are AD joined to Azure. Steps are pretty easy, here is doc to help = https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-managed-domains
If that is configured and proper OU was selected then there might be something else, here is good troubleshooting doc = https://techcommunity.microsoft.com/t5/windows-it-pro-blog/troubleshooting-hybrid-azure-ad-errors-during-windows-365-cloud/ba-p/2605523 - KitramOct 19, 2021Copper ContributorxTwoTwo
Did you check inside the computer object in on-prem AD the attribute usercertificate? Is this empty or filled in?
Yes, I did. In my case it was my webfilter, which blocked the the Microsoft CA.
Simplest way to troubleshoot is just to create a simple VM in azure. The VM should have the VNET which is integrated to W365. Then make sure the VM is AD joined (on-prem) and in the right OU, where tje CPC-* devices are. Check if this computer object is synced with Azure Ad. If notnstart to trounleshoot with (Dsregcmd /join etc.)
https://docs.microsoft.com/en-us/azure/active-directory/devices/troubleshoot-hybrid-join-windows-current#troubleshoot-join-failures