Windows 10 Enterprise subscription is not valid

Copper Contributor

Recently i have one of our user's machine reverted itself from Windows 10 Enterprise to Pro

I have checked the requirements needed in order for Windows 10 Pro machine getting upgraded to Enterprise via M365 E3 license. I can verify that the machine is

  1. AAD-Joined
  2. Windows 10 1803
  3. Valid M O365 E3 license assigned to the user

The current "error" i am getting is Windows 10 Pro activated with a digital license, Windows 10 Enterprise subscription is not valid.

 

Not sure what else i need to check or do. Please help? Kind Regards

14 Replies

bump. Need help with this guys

have you checked that the device owner still exists and is licensed? have seen at a customer where the original device owner left the company and their M365 license moved to the new person then device stopped syncing correctly with Intune as the licensing is applied to the user not the device (and the device owner was not licensed), after doing a automatic redeployment of the device and sign in as the new user the device owner updated and was able to sync normally....

Not sure if this is the issue you are having, but something worth checking

Steve:)

@SteveMacNZ_Old 

 

Thanks for your response Steve. Both the user and device are still active. Everything was fine until about a week ago where the laptop miraculously just downgraded itself from Enterprise to Pro

 

Do you think removing the laptop from the domain, sync to AAD, re-joining the laptop to the domain and then re-syncing will help? Sounds weird but i am out of ideas

hmmm strange one then, have you checked that the device can access company resources from the Company Portal WUA ? you could try forcing a sync from settings in Company Portal, other than that try a Automatic redeployment of the device.

Can you please confirm is the device only AAD joined or is it Hybrid joined?

@SteveMacNZ_Old 

 

Hi Steve, the device on is shown as AADJoined on dsregcmd /status and shown as Hybrid joined on AAD

@Tommy0824we are planning to move our customers to this licensing so be interested to know what's happening here. Has the user UPN changed? If the user can run dsregcmd /status then you can see if 'IsUserAzureAD' is yes.

 

Nigel 

IsUserAzureAD is yes, no UPN change at all

@Tommy0824 Any updates on this? were having the same issue and MS Support doesn't seem to pinpoint the problem. 

@Rufino1265 

 

sorry for the very late response! no unfortunately no straight forward way to fix this

the "fix" for me was either 

1. remove the machine from the domain and re-join, and then wait for AAD sync

2. re-imaging the machine and then go through the whole AAD sync process. pretty much like option 1 but more drastic

 

this issue does not happen often but when it does, its a nightmare to deal with especially for users who are working externally and rely on direct access to access corporate resources

@Tommy0824 we have the same issue.
Did you ever found a non intrusive fix for this?

 

The only solution we could find, is removing multiple devices (lesser than 5) from the user.

 

@ReneMP unfortunately no. the work around i have was to get a VPN installed so that these affected users can access the shared drives as DA wont work without Win 10 being Ent

 

Funnily enough, i had about 3 users got affected by this recently and after some time (3 weeks maybe?) it reverted back from Pro to Ent. This all done on the backend and not understanding why is frustrating

Having same problem, using the same licenses, hybrid environment, we aren't using any Intune management at all only AD and Azure not sure what to try next.

@Tommy0824Today we've found a potential fix for the problem, please try the below and let me know how it goes:

  1. Login as the Microsoft E3 or E5 licensed user.

  2. Open Settings > System> Shared Experiences and click Fix on the account issue.

  3. Log out and back in, see if it has upgraded.

Thanks for this, i'll keep this in mind when the issue happens again
So far, for users with this issue i would install a VPN so that they get access to the shared drives whilst Windows decide to "fix" itself