Aug 25 2022 06:48 AM - edited Aug 25 2022 09:39 AM
Hello Community,
We have an environment with 1500 devices, consisting of around 1000 devices which are already Azure AD joined and around 500 devices which are Hybrid AAD joined and connected to local AD.
We want to onboard all devices to Endpoint Manager; however, we are unable to find a way to bulk enroll devices to Intune. Our requirements are:
Enroll existing Azure AD joined devices to Intune without user interaction, in bulk or through some automated approach. (We do not want to manually enter creds to enroll, nor do we want to reset AADJ.)
Enroll local AD joined devices in bulk without renaming the computer name, as the Windows PPKG forces renaming of the devices. How can we keep the existing device name while enrolling? (We are aware of the GPO approach but have not tested it yet, hence we are unaware of any cons of using it.)
What we have tried so far and our expectations?
In the end our motive is to enroll AADJ devices to Intune so we can start managing them; the enrollment process should not be a pain for our users or hamper their workflow. (We can ignore the optional requirement if it's not possible to achieve.)
Looking forward to some valuable suggestions!
Thank you!
Aug 25 2022 11:15 AM - edited Aug 25 2022 12:51 PM
Thank you for your response @Rudy_Ooms_MVP
Aug 25 2022 11:39 AM - edited Aug 25 2022 12:51 PM
When I ran Get-Item I get the below with no value:
Aug 26 2022 06:48 AM - edited Aug 26 2022 06:52 AM
Hello Rudy,
The Machine we are testing is Windows 11 and it is updated to the Latest version:
Edition Windows 11 Enterprise
Version 21H2
Installed on 8/16/2022
OS build 22000.918
Serial number ****
Experience Windows Feature Experience Pack 1000.22000.918.0
--------------------
I looked into the C:\Windows\PolicyDefinitions folder and did not find the Feeds.admx file, nor is the FEEDS folder showing under the Registry.
--------------------
The errors I noticed yesterday are generated every few minutes, mostly Event ID 404 and sometimes 76. I do not see a scheduled task category created in the scheduler, but I did run deviceenroller.exe a few times and received the below errors and warnings:
Autopilot.dll WIL error was reported.
HRESULT: 0x80070491
File: onecoreuap\admin\moderndeployment\autopilot\dll\dllmain.cpp, line 138
Message: NULL
Log Name: Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService
Source: Microsoft-Windows-ModernDeployment-Diagnostics-Provider
Date: 8/26/2022 5:40:13 AM
Event ID: 1010
Task Category: None
Level: Error
Keywords:
User: AzureAD\******
Computer: ******
Description:
Autopilot.dll WIL error was reported.
HRESULT: 0x80070491
File: onecoreuap\admin\moderndeployment\autopilot\dll\dllmain.cpp, line 138
Message: NULL
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-ModernDeployment-Diagnostics-Provider" Guid="{bab3ad92-fb96-5902-450b-b8421bdec7bd}" />
<EventID>1010</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x1000000000000000</Keywords>
<TimeCreated SystemTime="2022-08-26T12:40:13.5958417Z" />
<EventRecordID>150</EventRecordID>
<Correlation />
<Execution ProcessID="13060" ThreadID="1864" />
<Channel>Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService</Channel>
<Computer>Blusky-PW02C9F3</Computer>
<Security UserID="S-1-12-1-489007883-1246781830-594163853-3518620488" />
</System>
<EventData>
<Data Name="HRESULT">0x80070491</Data>
<Data Name="File">onecoreuap\admin\moderndeployment\autopilot\dll\dllmain.cpp</Data>
<Data Name="Line">138</Data>
<Data Name="Message">NULL</Data>
</EventData>
</Event>
---------------------
MDM ConfigurationManager: Command failure status. Configuration Source ID: (1DE7985E-ABE6-4B09-B008-E050367E5DD2), Enrollment Name: (MDMDeviceWithAAD), Provider Name: (Policy), Command Type: (Add: from Replace or Add), CSP URI: (./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Receiver/Properties/Policy/FakePolicy/Version), Result: (The system cannot find the file specified.).
Log Name: Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin
Source: Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider
Date: 8/26/2022 5:19:44 AM
Event ID: 404
Task Category: None
Level: Error
Keywords:
User: SYSTEM
Computer: **2C9F3
Description:
MDM ConfigurationManager: Command failure status. Configuration Source ID: (1DE7985E-ABE6-4B09-B008-E050367E5DD2), Enrollment Name: (MDMDeviceWithAAD), Provider Name: (Policy), Command Type: (Add: from Replace or Add), CSP URI: (./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Receiver/Properties/Policy/FakePolicy/Version), Result: (The system cannot find the file specified.).
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider" Guid="{3da494e4-0fe2-415c-b895-fb5265c5c83b}" />
<EventID>404</EventID>
<Version>0</Version>
<Level>2</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2022-08-26T12:19:44.7194027Z" />
<EventRecordID>851</EventRecordID>
<Correlation />
<Execution ProcessID="10824" ThreadID="12956" />
<Channel>Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin</Channel>
<Computer>*2C9F3</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Message1">1DE7985E-ABE6-4B09-B008-E050367E5DD2</Data>
<Data Name="Message2">MDMDeviceWithAAD</Data>
<Data Name="Message3">Policy</Data>
<Data Name="InternalCmdType">1</Data>
<Data Name="Message5">./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Receiver/Properties/Policy/FakePolicy/Version</Data>
<Data Name="HexInt1">0x80070002</Data>
</EventData>
</Event>
------------------
WARNING
DeviceStatus CSP: WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_FIREWALL) returned status 0x2 and HRESULT Incorrect function.
Log Name: Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin
Source: Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider
Date: 8/26/2022 5:16:33 AM
Event ID: 2750
Task Category: None
Level: Warning
Keywords:
User: SYSTEM
Computer: *2C9F3
Description:
DeviceStatus CSP: WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_FIREWALL) returned status 0x2 and HRESULT Incorrect function.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider" Guid="{3da494e4-0fe2-415c-b895-fb5265c5c83b}" />
<EventID>2750</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>0</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2022-08-26T12:16:33.7809003Z" />
<EventRecordID>822</EventRecordID>
<Correlation />
<Execution ProcessID="11656" ThreadID="11660" />
<Channel>Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin</Channel>
<Computer>**F3</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="Message1">WSC_SECURITY_PROVIDER_FIREWALL</Data>
<Data Name="HexInt1">0x2</Data>
<Data Name="HRESULT">0x1</Data>
</EventData>
</Event>
------------------------------------
I noticed that because of the Group Policy change "Enable: Automatic MDM enrollment using default Azure credentials" I found the below warning:
Log Name: System
Source: Microsoft-Windows-GroupPolicy
Date: 8/26/2022 6:20:56 AM
Event ID: 1085
Task Category: None
Level: Warning
Keywords:
User: SYSTEM
Computer: **C9F3
Description:
Windows failed to apply the MDM Policy settings. MDM Policy settings might have its own log file. Please click on the "More information" link.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
<Provider Name="Microsoft-Windows-GroupPolicy" Guid="{aea1b4fa-97d1-45f2-a64c-4d69fffd92c9}" />
<EventID>1085</EventID>
<Version>0</Version>
<Level>3</Level>
<Task>0</Task>
<Opcode>1</Opcode>
<Keywords>0x8000000000000000</Keywords>
<TimeCreated SystemTime="2022-08-26T13:20:56.0572615Z" />
<EventRecordID>9062</EventRecordID>
<Correlation ActivityID="{c0ff9fc8-a78e-4a8e-910d-fa347050bbb9}" />
<Execution ProcessID="2800" ThreadID="18388" />
<Channel>System</Channel>
<Computer>**9F3</Computer>
<Security UserID="S-1-5-18" />
</System>
<EventData>
<Data Name="SupportInfo1">1</Data>
<Data Name="SupportInfo2">5056</Data>
<Data Name="ProcessingMode">0</Data>
<Data Name="ProcessingTimeInMilliseconds">94</Data>
<Data Name="ErrorCode">2149056522</Data>
<Data Name="ErrorDescription">The device is already enrolled. </Data>
<Data Name="DCName">
</Data>
<Data Name="ExtensionName">MDM Policy</Data>
<Data Name="ExtensionId">{7909AD9E-09EE-4247-BAB9-7029D5F0A278}</Data>
</EventData>
</Event>
--------------------------------------
As per the speeding up section, I ran C:\Windows\system32\deviceenroller.exe /c /AutoEnrollMDM but did not receive any error in the command shell; however, I checked the event logs and did not find any immediate error except those mentioned above, which have been generated at intervals since yesterday.
---------------------------------------
Yesterday I got the 76 event error only once, but after that it's only 404, and a couple of times I noticed 454.
-----------------------------------------
I will be testing another Windows 10 machine today and follow your steps, but wanted to inform you that we have tested a couple of Windows 10 and 11 machines in the past and they all failed to auto-enroll.
Our system is accepting new enrollments and adding new Windows 10 or 11 machines to Endpoint Manager through the manual Azure AD join method.
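A diagnostic script, added here and not taken from any reply in the thread, that gathers in one pass what the troubleshooting above checks by hand: the Azure AD join state, the auto-enrollment GPO registry values, any existing MDM enrollments (the usual cause of the Event 1085 "The device is already enrolled" result), the enrollment scheduled task, and the last 24 hours of events from the three logs quoted above. It assumes an elevated PowerShell session on the affected Windows 10/11 device; the registry paths and task name are the standard auto-enrollment locations, not values from this thread.

```powershell
# Assumed: run elevated on the device that fails to auto-enroll.
$since = (Get-Date).AddHours(-24)

# 1. Join state. AzureAdJoined must be YES for device-credential auto-enrollment;
#    MdmUrl shows whether the device already knows an MDM endpoint.
dsregcmd /status | Select-String 'AzureAdJoined|DomainJoined|TenantName|MdmUrl'

# 2. GPO result. AutoEnrollMDM=1 enables the task; UseAADCredentialType 1=user, 2=device.
Get-ItemProperty -Path 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\CurrentVersion\MDM' -ErrorAction SilentlyContinue |
    Select-Object AutoEnrollMDM, UseAADCredentialType

# 3. Existing enrollments. GPO Event 1085 with ErrorCode 2149056522 (0x8018000A,
#    "device already enrolled") means one of these already claims the device.
Get-ChildItem 'HKLM:\SOFTWARE\Microsoft\Enrollments' -ErrorAction SilentlyContinue | ForEach-Object {
    $p = Get-ItemProperty -Path $_.PSPath
    if ($null -ne $p.EnrollmentType) {
        [pscustomobject]@{
            Id       = $_.PSChildName
            Type     = $p.EnrollmentType
            Provider = $p.ProviderID
            Url      = $p.DiscoveryServiceFullURL
        }
    }
}

# 4. The task the GPO creates; LastTaskResult 0 means the last attempt succeeded.
Get-ScheduledTask -TaskPath '\Microsoft\Windows\EnterpriseMgmt\' -ErrorAction SilentlyContinue |
    Where-Object TaskName -like 'Schedule created by enrollment client*' |
    Get-ScheduledTaskInfo |
    Select-Object TaskName, LastRunTime, LastTaskResult, NextRunTime

# 5. Recent errors/warnings from the logs quoted in the thread (IDs 404, 76, 1010, 2750, 1085).
$filters = @(
    @{ LogName = 'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'; Level = 2, 3; StartTime = $since },
    @{ LogName = 'Microsoft-Windows-ModernDeployment-Diagnostics-Provider/ManagementService'; Level = 2; StartTime = $since },
    @{ LogName = 'System'; ProviderName = 'Microsoft-Windows-GroupPolicy'; Id = 1085; StartTime = $since }
)
foreach ($f in $filters) {
    Get-WinEvent -FilterHashtable $f -ErrorAction SilentlyContinue |
        Select-Object TimeCreated, Id, LevelDisplayName,
            @{ n = 'Message'; e = { ($_.Message -split "`n")[0] } }
}
```

If step 3 lists an enrollment with a ProviderID other than "MS DM Server" while step 2 shows AutoEnrollMDM=1, that stale enrollment is what the 1085 event is reporting and is the first thing to clear before retrying deviceenroller.exe.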