cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Can't AAD join windows 10 "Administrator policy does not allow user...to device join" error 801c03ed

Nigel-A
Copper Contributor

‎Feb 01 2021 04:42 AM

‎Feb 01 2021 04:42 AM

Can't AAD join windows 10 "Administrator policy does not allow user...to device join" error 801c03ed

Hi,

We can join the same win 10 devices to AAD with some of our IT users but for newer IT users it fails with the error in the subject. This is OOBE and adding existing win 10 laptop. The devices are fine and meet the requirements etc but there is a problem with the users. I don't know what policy is causing this?

 

The enrollment device restrictions should not be stopping this as some of the users haven't enrolled anyone yet (so no problem with the device limit) and also the device type allowed them to enroll Windows 10. 

 

The users have also been added as device enrollment managers in endpoint manager.

 

Thanks,

Nigel

84.2K Views
0 Likes
12 Replies
Reply
12 Replies
Tic_Patrick

‎Feb 02 2021 05:38 AM

‎Feb 02 2021 05:38 AM

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

@Nigel-A 

 

I have the same problem with auto-pilot. But also when trying to register it via desktop (add work account). The user was part of the Allowed users for MAM and MDM. Has EMS E3 licence, Office 365 and windows 10

Tic_Patrick_0-1612273061444.png

 

0 Likes
Reply
Nigel-A

‎Feb 02 2021 09:10 AM

‎Feb 02 2021 09:10 AM

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

@Tic_Patrick yes that's the error. I have users that can join the same devices (my test laptop) but not these other users. Still trying to get it working!

 

Nigel

0 Likes
Reply
best response confirmed by Nigel-A (Copper Contributor)
Tic_Patrick

‎Feb 02 2021 11:24 AM

‎Feb 02 2021 11:24 AM

Solution

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

@Nigel-A 

 

I found my issue. This setting was set to none because other people played with the settings in intune... I though that by default its set on ALL.

Tic_Patrick_0-1612293584548.png

 

You should also check MAM and MEM  and see whats set up there

 

Tic_Patrick_1-1612293723004.png

 

If it's set to ALL then all users go into the scope if some, then check which user groups.

Also>check if the users are in the correct groups.

       >check licences

       >check how many devices can a user enroll

 

I'm also quite a newbie and I just started playing with Intune. Tell me if the rest of the settings are ok.

 

Cheers!

 

3 Likes
Reply
Nigel-A

‎Feb 03 2021 04:09 AM

‎Feb 03 2021 04:09 AM

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

@Tic_Patrick yes thanks! My problem was in the

Devices - Microsoft Azure  settings. 

0 Likes
Reply
oryxway

‎Aug 23 2022 05:00 PM

‎Aug 23 2022 05:00 PM

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

@Tic_Patrick Mine is set to 6 users individually now who have the permissions to join the device to Azure AD. Should I add the group that the users will be enrolling with their names?

 

Here is my error

 

20220823_174000.jpg

0 Likes
Reply
HRtech

‎Nov 17 2022 09:10 AM

‎Nov 17 2022 09:10 AM

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

This fixed my issue. Thanks!
0 Likes
Reply
Stephanie670

‎Dec 12 2022 07:04 AM

‎Dec 12 2022 07:04 AM

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

Good morning, please is the user have to get EMS licence to join his device on AAD?
Est ce que l'utilisateur est obligé d'avoir une licence EMS pour pourvoir joindre son appareils a Azure AD?


Thanks in advance
Merci d'avance
0 Likes
Reply
oryxway390

‎Dec 12 2022 09:36 AM

‎Dec 12 2022 09:36 AM

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

Yes, he has to have EMS license
0 Likes
Reply
Stephanie670

‎Dec 12 2022 10:28 AM

‎Dec 12 2022 10:28 AM

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

ok thanks for the information
0 Likes
Reply
tshepisomothibi87

‎Aug 23 2023 03:22 AM

‎Aug 23 2023 03:22 AM

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

@oryxway  Hi what was the solution for the above error message?

 

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by Nigel-A (Copper Contributor)
Tic_Patrick

‎Feb 02 2021 11:24 AM

‎Feb 02 2021 11:24 AM

Solution

Re: Can't AAD join windows 10 "Administrator policy does not allow user...to device join"

@Nigel-A 

 

I found my issue. This setting was set to none because other people played with the settings in intune... I though that by default its set on ALL.

Tic_Patrick_0-1612293584548.png

 

You should also check MAM and MEM  and see whats set up there

 

Tic_Patrick_1-1612293723004.png

 

If it's set to ALL then all users go into the scope if some, then check which user groups.

Also>check if the users are in the correct groups.

       >check licences

       >check how many devices can a user enroll

 

I'm also quite a newbie and I just started playing with Intune. Tell me if the rest of the settings are ok.

 

Cheers!

 

View solution in original post

3 Likes
Reply