question

0 Votes
SvenKuijper-2630 asked LuDaiMSFT-0289 commented

[Intune + MacOS] Credentials for remote management


Latest MacBook Air (silicon) via Apple School Manager (DEP) has an assigned profile in Intune MDM.

The profile has user affinity with Azure AD, the same way we manage Windows laptops in Intune. Now when starting up the MacBook, the first thing I see is the login screen to connect to the Intune MDM server. Several attempts with multiple accounts, to no avail. The MacBook doesn't even seem to connect to the MDM server (no attempts seen on the network).

WS-Trust 1.3 has been set up correctly.

How do I get the MacBook set up correctly? Which setting am I missing?

mem-intune-enrollment

1 Answer

1 Vote
LuDaiMSFT-0289 answered LuDaiMSFT-0289 commented

@SvenKuijper-2630 Thanks for posting in our Q&A.

To clarify this issue, we would appreciate your help in checking whether MFA is configured for DEP enrollment devices. If we deploy MFA, we will get stuck at user login. We can read the following article as a reference:
https://docs.microsoft.com/en-us/mem/intune/enrollment/troubleshoot-ios-enrollment-errors#ade-enrollment-stuck-at-user-login

Hope the above information will help.


If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.



Thanks! I'll try that first. Although my colleagues said they had tried it before, I personally haven't yet.

0 Votes 0 ·

@LuDaiMSFT-0289
57648-schermafbeelding-2021-01-18-111020.png

Here's the account used for enrolling the device. This account has no MFA but still the login does not work.

Another strange thing: it says the device has never contacted the MDM server. Does that only happen after the device is enrolled?
57724-schermafbeelding-2021-01-18-om-153909.png

The device has been completely removed from the MDM server and reconnected. After that I've wiped and reinstalled the OS, but still the same situation.


0 Votes 0 ·

@SvenKuijper-2630 Thanks for your reply.

Could you please check if there is any conditional access policy for this affected user? If yes, please disable this conditional access policy and try to re-enroll.

If this issue still exists, we need to do log analysis to identify it. Given the limitations of Q&A, it is not the best channel for such a log analysis case, so we suggest opening a case to check on this. The following link describes how to open a case; we can refer to it:
https://docs.microsoft.com/en-us/mem/intune/fundamentals/get-support

Thanks for understanding and have a nice day.

1 Vote 1 ·