This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(160, 33%, 25%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMM%3C/text%3E%3C/svg%3E)
I synchronized all users and devices with AD Connect and used the Hybrid service to add on-prem devices to Azure as hybrid. Then, I configured the GPO to auto-enroll these devices, but they are still not showing up under Intune devices after waiting for two days. I received the error "Auto MDM Enroll: Device Credential (0x0), Failed (Mobile Device Management (MDM) is not configured.)" despite enabling MDM for all and using a user with an Intune license. Could MFA be on cause of this issue?
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Mahmoud Madani, How's everything going? if the answer is helpful, please click "Accept Answer". Thanks!
Yes, MFA could be blocking the enrollment. Entra sign-in should confirm that. Try excluding a user and if the works then you can exclude the Intune enrollment app in the CA policy in question.
okay, but another thing I have Microsoft Intune set to all, but I couldn't find Microsoft Intune Enrollment to configure it.
may this cause the issue ?
@Mahmoud Madani, Thanks for the reply. For GPO enrollment, there's no need to configure Microsoft Intune Enrollment.