Autopilot Device in AAD, manageable, getting apps/config, MDM is set to Intune... but MIA in Intune

Hi all, I've been testing Autopilot Self-Deployment mode extensively for the last few months, testing various scenarios and iterating several times daily on Autopilot builds. Every once in a while, I'll run into this strange issue where everything is acting 100% perfectly with a newly Autopiloted device except that it's MIA in Intune. Not hybrid, just straight AAD and Intune. This goes on for hours. Sometimes if I wait overnight, it will be there. Other times, it never shows up.

The device is getting all its configuration and apps as expected... everything looks right, it's just missing from Intune. I am re-using the same device with the same serial number. I delete the device from Intune, then Autopilot (under Windows enrollment in Intune), then I delete it from AAD. Once it's deleted, I re-install Windows on my Surface, drop to cmd with Shift-F10, use get-WindowsAutopilotInfo to upload the device, assign it to an SG, assign it to a profile, etc. etc. Then I reboot, run through Autopilot as usual.

 

I can select the device in AAD, hit the "manage" button and view all its config and apps. Everything looks right. I'm not sure if using the "manage" button from AAD is the same as Intune? It definitely looks like Intune but the URL is portal.azure.com instead of endpoint.microsoft.com.

 

Any ideas? Thanks.

 


 

 

5 Replies

@DanWheeler,

 

Please check if the MDM user scope is set to "All" and MAM user scope is set to "None" in Devices > Windows > Windows enrollment > Automatic Enrollment in MEM.

 

Hope this helps!

Moe

 

So it was selected, and still no devices showing in MEM. What type of licenses are you using for O365 and EndPoint?

Moe

Mmm, looking at the screenshots... the device is indeed MDM enrolled. (last sync successful and the Managed by page and even compliant :) )

- How is the naming prefix configured?
- Assuming the time is correctly configured on the device
- How are the Mobility MDM and MAM applications configured in AAD?

But still the device does get enrolled :) only doesn't show up in Intune.

Hi Rudy, thanks for the help. I provide a static name when I use get-windowsautopilotinfo.ps1 to upload the hash, add it to a SG, tag it and assign an Autopilot profile. This is an example of the specific command I use:

Get-WindowsAutoPilotInfo -Online -AssignedComputerName "DEVICENAMEPOS001" -GroupTag "DEVICENAMEPOS001" -AddToGroup "Autopilot-POS" -Assign

Yes, date/time/timezone are all good

MDM is set to "all" and MAM is set to "none"

So... I checked this morning, and the device is now showing in Intune despite being turned off in my backpack for the last 4 days. So there's got to be some background process happening that isn't related to active check-ins on the device. I'm not exactly sure when in the last 4-5 days it finally showed up.

If I had to guess, it's because I'm re-using the same device for my testing and that is confusing Intune/AAD. I know there's that "sync" button in the Windows Autopilot area in Intune and I tried that a few times but no joy. Maybe there's some process on a 24 or 48 hour cycle that cleans up the old record and replaces it with the new when something is imaged over-the-top?
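
An added example, not written by anyone in this thread: a read-only cross-check of the three places the original post deletes the device from (Autopilot, Intune, AAD) for one serial number, so duplicate or mismatched records left over from an earlier build are visible. It assumes the Microsoft Graph PowerShell SDK is installed and the signed-in account can consent to the read scopes shown; the serial number is a constructed placeholder.

```powershell
# Added example, not code from the thread. Read-only; needs the Microsoft.Graph SDK.
$Serial = 'PLACEHOLDER-SERIAL'   # constructed placeholder: the device's serial number
$zero   = '00000000-0000-0000-0000-000000000000'

Connect-MgGraph -Scopes @(
    'DeviceManagementServiceConfig.Read.All',    # Autopilot device identities
    'DeviceManagementManagedDevices.Read.All',   # Intune managed devices
    'Device.Read.All'                            # AAD device objects
) | Out-Null

# 1. Autopilot registrations for this serial (filtered client-side).
$autopilot = @(Get-MgDeviceManagementWindowsAutopilotDeviceIdentity -All |
    Where-Object SerialNumber -eq $Serial)

# 2. Intune managed-device records for this serial.
$intune = @(Get-MgDeviceManagementManagedDevice -All -Filter "serialNumber eq '$Serial'")

# 3. AAD device objects that either record points at.
$aadIds = @($autopilot.AzureActiveDirectoryDeviceId) + @($intune.AzureAdDeviceId) |
    Where-Object { $_ -and $_ -ne $zero } | Sort-Object -Unique
$aad = @(foreach ($id in $aadIds) { Get-MgDevice -Filter "deviceId eq '$id'" })

'--- Autopilot ---'
$autopilot | Format-List Id, GroupTag, AzureActiveDirectoryDeviceId, ManagedDeviceId, EnrollmentState
'--- Intune ---'
$intune | Format-List Id, DeviceName, AzureAdDeviceId, EnrolledDateTime, LastSyncDateTime
'--- AAD ---'
$aad | Format-List Id, DeviceId, DisplayName, ApproximateLastSignInDateTime

# Flag the inconsistencies that matter when one serial is re-enrolled repeatedly.
if ($intune.Count -eq 0) {
    Write-Warning "No Intune managed-device record for serial $Serial."
}
if ($autopilot.Count -gt 1 -or $intune.Count -gt 1 -or $aad.Count -gt 1) {
    Write-Warning 'More than one record in a store for this serial.'
}
foreach ($a in $autopilot) {
    $linked = $a.ManagedDeviceId
    if ($linked -and $linked -ne $zero -and $linked -notin $intune.Id) {
        Write-Warning "Autopilot record $($a.Id) links to managed device $linked, which was not returned for this serial."
    }
}
```

The script only lists and compares records; it does not explain the delay described in the thread.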