Jul 12 2019 05:26 AM
Hi All
A strange one here.
I have set up auto enrollment of Windows 10 devices as per:
https://docs.microsoft.com/en-us/intune/quickstart-setup-auto-enrollment
All seems to be fine, user can join Azure AD from W10 settings screen, device enrolls in MDM OK.
However, the user just doesn't seem to be able to log in.
There's NO other options screen at login, or the Azure AD UPN/password gets rejected.
Any ideas?
Jul 13 2019 01:27 PM
Jul 15 2019 01:24 AM
@jenstf wrote:
Never had any issues with that. I suppose you have also enabled Azure AD join under device settings in Azure AD for the same group?
Do you get AzureADJoined: YES if you run "dsregcmd /status" as admin?
Do the devices show under devices in Azure AD?
Yes to all the above.
Works fine via OOBE, but when done via a live, up and running system, there is NO option to log in as the Azure AD user, only local admin. Weird.
Info appreciated.
Jul 15 2019 02:17 AM - edited Jul 15 2019 02:18 AM
Hey @StuartK73,
Simple question, I assume you have done this right, but just to make sure: did you actually AADJ, or maybe just a Workplace Join? The AADJ is not the obvious way. As said, you probably did it right, but to make sure the problem is not based on this simple fact, I want to outline how to properly AADJ a live system via Settings. You have to use the lower hyperlink and not the obvious input field in the first place:
best,
Oliver
Jul 15 2019 03:18 PM
@Oliver Kieselbach wrote:
Hey @StuartK73,
Simple question, I assume you have done this right, but just to make sure: did you actually AADJ, or maybe just a Workplace Join? The AADJ is not the obvious way. As said, you probably did it right, but to make sure the problem is not based on this simple fact, I want to outline how to properly AADJ a live system via Settings. You have to use the lower hyperlink and not the obvious input field in the first place:
best,
Oliver
Yes, the Azure AD Join method was selected.
Stuart
Jul 15 2019 03:28 PM
After logging in with the admin, did you check the event logs? Not only System and Applications, but also under Applications and Services Logs > Microsoft > Windows > ... There I would check AAD and DeviceManagement-Enterprise-Diagnostics-Provider.
Is the device correctly registered under Azure AD and Intune, and does it have device objects after you enrolled it via Windows > Settings?
It seems that the process failed somehow but doesn't provide any feedback in the form of an error message, but the event logs should probably reveal the issue.
best,
Oliver
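
The checks suggested in this thread (join state from `dsregcmd /status`, then the AAD and DeviceManagement-Enterprise-Diagnostics-Provider logs) can be collected in one pass. This is an added example, not posted by anyone in the thread; it assumes the `AzureAdJoined`, `WorkplaceJoined` and `TenantName` field names that `dsregcmd` prints on Windows 10, the usual event channel names for the two logs, and a 24-hour look-back window.

```powershell
# Added example (not from the thread). Run in an elevated PowerShell session
# on the affected device, signed in as the local admin.

# Parse "dsregcmd /status" output ("Name : Value" lines) into a hashtable.
$state = @{}
dsregcmd /status | ForEach-Object {
    if ($_ -match '^\s*([A-Za-z0-9]+)\s*:\s*(.*\S)\s*$') {
        $state[$Matches[1]] = $Matches[2]
    }
}

# Distinguish a full Azure AD join from a workplace join (registration only).
if ($state['AzureAdJoined'] -eq 'YES') {
    $joinType = 'Azure AD joined'
} elseif ($state['WorkplaceJoined'] -eq 'YES') {
    $joinType = 'Workplace joined only (device is registered, not joined)'
} else {
    $joinType = 'Neither Azure AD joined nor workplace joined'
}
"Join state : $joinType"
"Tenant     : $($state['TenantName'])"

# Pull errors and warnings from the two logs named above, last 24 hours
# (the time window is an assumption; widen it to cover the enrollment attempt).
$logs = 'Microsoft-Windows-AAD/Operational',
        'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'
foreach ($log in $logs) {
    "`n== $log =="
    Get-WinEvent -FilterHashtable @{
        LogName   = $log
        Level     = 1, 2, 3          # Critical, Error, Warning
        StartTime = (Get-Date).AddHours(-24)
    } -ErrorAction SilentlyContinue |
        Sort-Object TimeCreated |
        Select-Object TimeCreated, Id, LevelDisplayName,
            @{ n = 'Message'; e = { ($_.Message -split "`r?`n")[0] } } |
        Format-Table -AutoSize -Wrap
}
```

An empty table for a log means no warning or error events were recorded in that window, not that the channel is missing.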