Sep 10 2019 07:03 AM
Hi All
I have some Hybrid Azure AD Join W10 devices, auto enrolled in Intune via GPO however the Registered status equals pending.
MS docs state:
A device can also change from having a registered state to "Pending"
In both cases, you must re-register the device manually on each of these devices. To review whether the device was previously registered, you can troubleshoot devices using the dsregcmd command.
Ref:
https://docs.microsoft.com/en-us/azure/active-directory/devices/faq
Can anyone elaborate on the "you must re-register the device manually on each of these devices"?
Info appreciated
Sep 10 2019 01:33 PM
My guess is to use psexec to run cmd as system user and then execute the command dsregcmd /join /debug
This should also give you more info about issues you might have with device enrollment
Jan 14 2020 06:19 AM - edited Jan 14 2020 06:31 AM
This worked for me:
1. dsregcmd /debug /leave
2. Confirmation from Azure AD that device object was removed
3. Reboot machine
4. Confirmation that the device had been trying to register itself again to Azure AD (AAD audit logs)
5. Confirmation of device status from AAD (changed from pending to "registered with timestamp")
6. dsregcmd /status (which should now have PRT included)
Did steps above today and the device state was successfully changed. After those were done, I had to wait for the next Azure AD Connect sync cycle to change the device status in Azure AD (working in a managed environment).
Dec 18 2020 11:41 AM
Hello Sami,
I am facing the same problem and have tried the command "dsregcmd /debug /leave"and the device was removed from Azure AD but still it Show as Pending. Have checked the event logs and did not find any error. I thing which i noticed we have a .local domain will it have an affect as we have added a UPN suffix for our users.
Any help would be appreciated!