Error running on-premises Intune Connector for Active Directory (ODJ Connector).


Hi, 

 

I am trying to add hybrid AAD joined devices to my local AD DS with Autopilot.

 

I downloaded the ODJConnectorBootstrapper.exe file from the Microsoft Endpoint Manager > Devices > Enroll devices portal, the installation was successful, but after trying to sign in, an error occurred in the log file (C:\Program Files\Microsoft Intune\ODJConnector\ODJConnectorUI\ODJConnectorUI.log) and also in the Event Viewer (Applications and Services Logs > ODJ Connector Service).

 

Event Viewer:
{
"Metric":{
"Dimensions":{
"InstanceId":"746F3603-6956-42CF-B6B0-A9673088C5F0",
"DiagnosticCode":"0x0FFFFFFF",
"DiagnosticText":"We are unable to complete your request because a server-side error occurred. Please try again. [Exception Message: \"DiagnosticException: 0x0FFFFFFF. We are unable to complete your request because a server-side error occurred. Please try again.\"] [Exception Message: \"Value cannot be null.\u000d\u000aParameter name: cert\"]"
},
"Name":"RequestHandlingPipeline_DownloadFailure",
"Value":0
}
}


log file:
ODJ Connector UI Error: 2 : ERROR: Failed to check if machine is already enrolled. Detailed message is: Error in retrieving certificate. A certificate could not be found in the specified store.


The articles I used:
https://docs.microsoft.com/en-pt/mem/autopilot/windows-autopilot-hybrid
https://techcommunity.microsoft.com/t5/intune-customer-success/admins-experience-deploy-hybrid-azure...

 

The IE Enhanced Security Configuration is already OFF, I've removed everything related to Intune and reinstalled only the ODJConnector, I've restarted the server, but the problem persists.

 

Can anyone help me?

26 Replies
You didn't install it on a Domain Controller, right?
I have seen this issue before when you install the connector before giving the OU permissions. Please uninstall the connector, change the OU permissions and install the Connector just like the steps below:

Hope this helps!
Moe

https://docs.microsoft.com/en-us/mem/autopilot/windows-autopilot-hybrid#increase-the-computer-accoun...
Hi Harm,

Right, I installed it on a member
Hi Moe,

It's possible, I'll do it according to the steps.
bad news :(

I installed it on a domain member server with win 2019 following the steps in the document and the exact same errors occurred.

Any more ideas?
Your firewall isn’t blocking any traffic for inbound or outbound, correct?
What is the status of the Proxy in Endpoint Manager, does it show green? You may be getting a misleading error.

If it shows green, can you try to enroll a device from Onprem?

Moe
Hi Moe,

Excuse my ignorance, but what is Proxy in Endpoint Manager, how do I check?

My local network doesn't have a web proxy, just an NGFW and I already created a stateful rule for the server without any restrictions and the issue persists.
Sorry for the confusion!

Can you check the status of Intune Connector under Endpoint Manager - Devices - Windows - Intune Connector for Active Directory.

@Moe_Kinani 

 

Would it be in Endpoint Manager (Devices > Windows > Windows enrollment > Intune Connector for Active Directory > Add )?

 

I still don't see any in this place. See attached.

Sorry about the delay in response.

Ok, so still not showing in Endpoint Manager, can you upload a screenshot of the error you are getting when you install it?
Hi Moe,

No problem.

Now when I went to run the ODJConnectorUI to get the screenshots, it connected successfully, but I still don't see it in the Portal Endpoint Manager.

I'll wait a little.
Hi @Moe,

I have good news, on Monday I checked the status and it's ok.

I also added a PC in AD DS successfully using Autopilot.

Thanks for your help.

@Moe_Kinani 

Is there a way to fully remove the Intune Connector for Active Directory?

I uninstalled the connector from the server, but it still shows under Devices > Enroll devices > Windows enrollment > Intune Connector for Active Directory. Please advise.

Sorry about the delay in response!

Expected, you can’t delete the connector from Intune, it should be removed automatically after some time of inactivity.

Moe

@Moe_Kinani 

 

Thank you Moe.

I keep getting the "Azure AD Connect Sync errors detected" notification, and I am assuming this will go away as well when the connector is automatically removed?

 

KaKashi