Azure AD devices associated with Windows Autopilot are disabled in AAD

Brass Contributor

We've been seeing an issue lately where most, if not all, newly imported devices in Autopilot have their associated AAD device objects disabled.  This has caused us some grief because we have a provisioning script set up that uses an AAD app registration to authenticate, but due to the way the Graph API is set up, the ability to re-enabled AAD devices only works via user authentication.  Is anyone else seeing this same issue?  If so, is there any way to resolve this?  We have a temporary workaround, but I'm interested in learning more about thy this changed recently and what we can do to fix this long term.  Thank you!  

6 Replies
We're experiencing the same thing. I don't remember seeing the devices disabled after being imported for Autopilot.
Ehhh :) thats normal behaviour :) . I explained the whole flow in this blog... so also the disabled state and when it is enabled

https://call4cloud.nl/2021/10/willys-white-glove-wonderland/

@Rudy_Ooms_MVP 
Can you please advise if the case is the same for user-driven hybrid join autopilot. Our deployments were working without issues until April 2022. We started to have this issue back in May 2022. Where the Azure AD device never gets enabled, and we have to enable the device manually. 
Thanks~

To get to the bottom of this issue... i truly need some logs and the etl trace that is being run when you perform the autopilot
Appreciate the response.
Absolutely. I will get them for you, how do i provide them to you?
Thanks~
I don't remember seeing the devices disabled after being imported for Autopilot. --> that's normal behavior as explained here also https://call4cloud.nl/2021/10/willys-white-glove-wonderland/ ... the "device/object" should get enabled during the enrollment