Paulo Silva
Apr 08, 2019

Automatic registration at join phase

Hi Everyone,

I'm trying to enroll my devices in my hybrid environment, but when I look at my Event Viewer I receive a message:

Automatic registration failed at join phase.  Exit code: Unknown HResult Error code: 0x801c0021. 

 

and:

 

Windows Hello for Business provisioning will not be launched.

Device is AAD joined ( AADJ or DJ++ ): No

User has logged on with AAD credentials: No

Windows Hello for Business policy is enabled: No

Local computer meets Windows hello for business hardware requirements: Yes

User is not connected to the machine via Remote Desktop: Yes

User certificate for on premise auth policy is enabled: No

Machine is governed by none policy.

See https://go.microsoft.com/fwlink/?linkid=832647 for more details.

 

I already made all the configurations following the Microsoft docs, but I don't get an ideal result.

In my environment I have ADFS and already have a GPO to automatically enroll devices, and all W7 devices appear as Hybrid Azure AD Join, but I don't have the same result with W10 to manage these devices.

And I also followed these steps: https://docs.microsoft.com/en-us/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy

4 Replies

  • Paulo Silva 

    Open the Credential Manager, then select Windows Credentials and remove all the generic credentials from there.

    Also remove the Azure Microsoft account from "Work or school", not the domain account.

    After this, open the Task Scheduler, go to the Workplace Join folder, then run the 1st option there.

    After this you will not get this.

  • Paulo Silva

    I'm still receiving the error:
    User Device Registration Admin log – EventID 304 adalResponseCode: 0xcaa1000e – recommended step is to check the AD FS claim rules per mentioned above https://docs.microsoft.com/en-us/azure/active-directory/device-management-hybrid-azuread-joined-devices-setup. It is important to have the AD FS claim rules in the described order and if you have multiple verified domains, do not forget to remove any existing IssuerID rule that might have been created by Azure AD Connect or other means.

     

    And

     

    User Device Registration Admin log – EventID 204 – Error code: 0x801c03f2 (“The device object by the given id (xxx) is not found.”) – make sure the on-premises computer object is synchronized to Azure AD. Run the Delta Azure AD Connect sync.

     

    Some devices in my environment register as Hybrid and others do not.
    I don't really understand what happens.

    I have an ADFS and already followed all the docs from Microsoft.

    Any idea what it could be?

    • KaanOzkordag

      I have the same issue. Paulo Silva 

      You may please try this (or anyone having the same issue)

        https://samilamppu.com/2020/01/09/azure-ad-hybrid-device-join-error-0x801c03f2/

       

      Greetings!

      Kaan
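
The error codes quoted in this thread can be pulled out of the User Device Registration Admin log in one pass, which helps when some devices register and others do not. The PowerShell below is an added example, not part of any post in the thread; the function name `Get-RegistrationError`, the `$Hints` table (wording condensed from the guidance quoted in the thread) and the sample events are constructed for illustration.

```powershell
# Added example. Hints are condensed from the text quoted in the thread,
# not an official error-code table.
$Hints = @{
    '0xcaa1000e' = 'Check the AD FS claim rules and their order; remove any extra IssuerID rule.'
    '0x801c03f2' = 'Device object not found: confirm the computer object is synced to Azure AD, run a delta sync.'
}

# Hypothetical helper: extracts every 0xXXXXXXXX code from each event message.
function Get-RegistrationError {
    param([Parameter(Mandatory)][object[]]$Events)
    foreach ($e in $Events) {
        # One message can carry several codes; report each code once per event.
        $codes = [regex]::Matches($e.Message, '0x[0-9a-fA-F]{8}') |
            ForEach-Object { $_.Value.ToLowerInvariant() } |
            Select-Object -Unique
        foreach ($c in $codes) {
            [pscustomobject]@{
                TimeCreated = $e.TimeCreated
                EventId     = $e.Id
                Code        = $c
                Hint        = if ($Hints.ContainsKey($c)) { $Hints[$c] } else { 'No guidance in this thread' }
            }
        }
    }
}

# Constructed sample events (message text copied from the thread) for an offline run.
$sample = @(
    [pscustomobject]@{ TimeCreated = [datetime]'2019-04-08'; Id = 304
        Message = 'adalResponseCode: 0xcaa1000e' }
    [pscustomobject]@{ TimeCreated = [datetime]'2019-04-08'; Id = 204
        Message = 'Error code: 0x801c03f2 (The device object by the given id (xxx) is not found.)' }
    # The thread does not give the event ID for this message, so it is left empty.
    [pscustomobject]@{ TimeCreated = [datetime]'2019-04-08'; Id = $null
        Message = 'Automatic registration failed at join phase. Exit code: Unknown HResult Error code: 0x801c0021.' }
)
Get-RegistrationError -Events $sample | Format-Table -AutoSize

# On an affected Windows 10 device, run the same extraction over the live log.
$live = Get-WinEvent -FilterHashtable @{
    LogName = 'Microsoft-Windows-User Device Registration/Admin'; Id = 204, 304
} -MaxEvents 50 -ErrorAction SilentlyContinue
if ($live) { Get-RegistrationError -Events $live | Format-Table -AutoSize }
```

Comparing the output from a device that joined with one that did not shows whether the failing machines share a single code or fail for different reasons.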
