question

karthikpalani-9530 avatar image
0 Votes"
karthikpalani-9530 asked saldana-msft edited

Comanage - Enroll Error

Hi All,

I am implementing co-management between SCCM & Intune. I have almost 500 machines, in which 300 machines are co-managed successfully. I verified the comanagehandler log and i see the below errors under Device Management. All the machines have Hybrid AD enabled and shows in Azure console as well

Failed to enroll with RegisterDeviceWithManagementUsingAADDeviceCredentials with error code 0x80192ee2"
"Auto MDM Enroll: Device Credential (0x0), Failed (Unknown Win32 Error code: 0xcaa90014)"

I verified the Intune enrollment group under AAD (MAM and MDM), All URL's (https://enterpriseregistration.windows.net, https://login.microsoftonline.com, https://device.login.microsoftonline.com, https://autologon.microsoftazuread-sso.com) are opened for communication, CNAME record is registered.

Please advice on how to proceed

mem-cm-generalmem-intune-generalmem-intune-enrollment
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Jason-MSFT avatar image
0 Votes"
Jason-MSFT answered

Just because HAADJ is configured and enabled, doesn't mean it is successful. My guess here is that the failing devices are suffering from exactly this. See https://docs.microsoft.com/en-us/troubleshoot/mem/intune/troubleshoot-co-management-auto-enrolling for troubleshooting guidance.

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Amandayou-MSFT avatar image
0 Votes"
Amandayou-MSFT answered

Hi @karthikpalani-9530,

Could we know what the result when running "dsregcmd /status" is?
About device of correct dsregcmd /status, please check this link:
https://docs.microsoft.com/en-us/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy

And what are the affected windows version?



If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

karthikpalani-9530 avatar image
0 Votes"
karthikpalani-9530 answered

Hi,

Thanks for the input, I tried Group policy and the steps shared by Mr. Jason. Still its same

I tried Intune manual enrollment and found the below error

80708-enroll-error.jpg



Is it something related to Network or port communication. Please advice


enroll-error.jpg (24.7 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.