cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

The CPC-* device won't sync with AAD

Kitram
Copper Contributor

‎Aug 25 2021 09:00 AM - edited ‎Aug 25 2021 12:22 PM

‎Aug 25 2021 09:00 AM - edited ‎Aug 25 2021 12:22 PM

The CPC-* device won't sync with AAD

When I want to provision a device, it creats me a CPC-* device in my on prem AD, but it won't sync to AAD. Even in Synchronzation Service Manager i see that one new device is added, i am not able to see the cpc-* device in AAD.

I already did configure the hybrid azure AD join in my AAD connect. And also did make sure, that the OU is syncing woth AAD. SPC also set. My AD is configured with (.)intra domain. Sync is with AD FS.
OPNC gives me a warning, that AAD device sync coulndt find any cloud pc.

Do you have any idea what can i check?
Labels:
1,533 Views
0 Likes
3 Replies
Reply
3 Replies
xTwoTwo

‎Oct 15 2021 08:02 AM

‎Oct 15 2021 08:02 AM

Re: The CPC-* device won't sync with AAD

@Kitram 

Hi,

have you ever managed to sort this out?! I'm facing the exact same issue at the moment.

 

Cheers, Maarten

0 Likes
Reply
Eric Orman

‎Oct 19 2021 09:28 AM

‎Oct 19 2021 09:28 AM

Re: The CPC-* device won't sync with AAD

Hybrid Azure AD join has to be enabled in Azure AD connect in order to sync devices that are AD joined to Azure. Steps are pretty easy, here is doc to help = https://docs.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-managed-domains

If that is configured and proper OU was selected then there might be something else, here is good troubleshooting doc = https://techcommunity.microsoft.com/t5/windows-it-pro-blog/troubleshooting-hybrid-azure-ad-errors-du...
0 Likes
Reply
Kitram

‎Oct 19 2021 09:56 AM

‎Oct 19 2021 09:56 AM

Re: The CPC-* device won't sync with AAD

@xTwoTwo
Did you check inside the computer object in on-prem AD the attribute usercertificate? Is this empty or filled in?

Yes, I did. In my case it was my webfilter, which blocked the the Microsoft CA.

Simplest way to troubleshoot is just to create a simple VM in azure. The VM should have the VNET which is integrated to W365. Then make sure the VM is AD joined (on-prem) and in the right OU, where tje CPC-* devices are. Check if this computer object is synced with Azure Ad. If notnstart to trounleshoot with (Dsregcmd /join etc.)

https://docs.microsoft.com/en-us/azure/active-directory/devices/troubleshoot-hybrid-join-windows-cur...
0 Likes
Reply