Troubleshooting Event IDs and Error codes when enrolling into Intune and MDE

Hello everyone.

As the topic somewhat states, I'm in need of suggestions and ideas on how to possibly troubleshoot some of the different Event IDs and Error codes. I'm not the original person to start the implementation of Intune and MDE. So I'm currently doing cleanup and trying to get things back on track. So there might be questions I won't be able to answer fully.

Furthermore, I've only been working at my current position for a month, so you might need to explain some things a bit more in depth.

Overview:

Common Event IDs and corresponding Error codes I'm trying to fix.

- 76 - Auto MDM Enroll: Device Credential (0x0), Failed (Unknown Win32 Error code: 0x8018002b)
- 201 - MDM Session: OMA-DM message failed to be sent. Result: (Uautoriseret (401).).
- 2545 - MDM Declared Configuration: Function (checkNewInstanceData) operation (Read isNewInstanceData) failed with (The parameter is incorrect.)

All Event IDs and Error codes have been extracted using 'Event Viewer'.

Enrollment structure.

We're currently running a Hybrid Joined Azure AD with a specified GPO for enrolling devices. Roughly 70% of the company devices have enrolled correctly in Intune and connected to MDE through the EDR policy we've created.

This is the current Enrollment configuration in Intune (and before you tell me we need to change "some" to "all", note that this is most likely not going to happen - this would potentially cause a lot of trouble in our environment since we have a good amount of APPusers and are using Citrix).

Enrollment_configurations.png

Example of current troubleshooting process.

I've been stealing one of my colleagues' devices whenever he had a few minutes to spare. On this device I've currently tried to test the following things.

- I've removed the prior Endpoint solution we used to have (Symantec)
- I've run dsregcmd /status (see below for output, sorry for the horrible format)
- After analyzing the output from dsregcmd, it's possible to see that this device is missing the MdmUrl, MdmTouUrl and MdmComplianceUrl

dsregcmd_output1.png

dsregcmd_output2.png

dsregcmd_output3.png

My questions and potential fixes.

First of all, my guess is that Event ID 76 with the corresponding error message should be fairly easy to fix. I've found this guide https://learn.microsoft.com/en-us/troubleshoot/mem/intune/device-enrollment/windows10-enroll-error-8...

My question here is, would there be a potential skip/shortcut? I'm not sure I can get my hands on my colleagues' devices for an extended period of time in order to test stuff directly on their machines.

Regarding the two other issues, I've been struggling a bit more to find a potential solution that I think will apply to my specific problem.

The only guide I've found that I feel somewhat looks like what I've been doing is this, but in this case the device still has MdmUrl etc. which mine does not. https://learn.microsoft.com/en-us/azure/active-directory/devices/troubleshoot-hybrid-join-windows-cu...

Thanks in advance!
EDIT: A few Typos etc.

0 Replies
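
A read-only check for the symptoms described in the post, as an added example that is not part of the original post: it parses `dsregcmd /status` output for the missing MDM URLs and counts the three Event IDs. The function names, the constructed sample text and the event log name are assumptions (the post only says the events came from 'Event Viewer').

```powershell
# Added example; function names are hypothetical.
function Get-DsregMdmState {
    param(
        # Raw lines of 'dsregcmd /status'; defaults to running it on this device.
        [string[]]$StatusText = (dsregcmd.exe /status)
    )
    $fields = @{}
    foreach ($line in $StatusText) {
        # Lines look like "   MdmUrl : https://..."; the value may be empty.
        if ($line -match '^\s*(\w+)\s*:\s*(.*)$') {
            $fields[$Matches[1]] = $Matches[2].Trim()
        }
    }
    $mdmKeys = 'MdmUrl', 'MdmTouUrl', 'MdmComplianceUrl'
    [pscustomobject]@{
        ComputerName   = $env:COMPUTERNAME
        AzureAdJoined  = $fields['AzureAdJoined']
        DomainJoined   = $fields['DomainJoined']
        # A key that is absent or blank counts as missing.
        MissingMdmUrls = @($mdmKeys | Where-Object { [string]::IsNullOrWhiteSpace($fields[$_]) })
    }
}

function Get-MdmEnrollmentEvents {
    param([int]$Days = 7)
    # Assumption: the events in the post are read from this MDM diagnostics log.
    $filter = @{
        LogName   = 'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'
        Id        = 76, 201, 2545
        StartTime = (Get-Date).AddDays(-$Days)
    }
    # Get-WinEvent returns newest first, so Group[0] is the latest occurrence.
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        Group-Object Id |
        Select-Object @{n = 'EventId'; e = { $_.Name } }, Count,
                      @{n = 'LastMessage'; e = { $_.Group[0].Message } }
}

# Constructed sample resembling the device in the post (MDM URLs empty).
$sample = @'
   AzureAdJoined : YES
    DomainJoined : YES
        TenantId : 00000000-0000-0000-0000-000000000000
          MdmUrl :
       MdmTouUrl :
MdmComplianceUrl :
'@ -split "`r?`n"

Get-DsregMdmState -StatusText $sample   # MissingMdmUrls lists all three keys
```

Both functions only read local state, so they can be run on each affected device through whatever remote script mechanism the environment already has, and the results compared against a device that enrolled correctly.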