question

RushadAnklesaria-9035 avatar image
0 Votes"
RushadAnklesaria-9035 asked Phoenixtekk answered

Intune enrolment error for AVD multisession CAA50101

I have two Windows 10 multi session desktops running 20H2+office Pro plus gen2 (Microsoft library image). I am trying to enrol them into Intune via the Company Portal app from the MS store.
But when I authenticate the user in questions I get this error.

Error Code:CAA50101
Server message: Add account operation is blocked by policy on this device

I have checked the GP settings and local policy setting and they have been disabled, MS so accounts can be used.

azure-virtual-desktopmem-intune-enrollment
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JarvisSun-MSFT avatar image
0 Votes"
JarvisSun-MSFT answered

@RushadAnklesaria-9035 Thanks for posting in our Q&A.
As far as I know, it seems to be a feature which is related with Azure AD join and registration service, I suggest you may contact your admin to confirm if Mobile DeviceManagement for Office 365 or Microsoft Intune services is enabled. Since these two services requires device registration, if one of them enabled, users in organization will be able to register their devices to Azure AD. Or if both services isn’t enabled, you may let admin login Azure AD admin center->Devices->Devices settings, and check if “Users may register their devices with Azure AD” setting is enabled:


122479-image.png

After confirmed above settings, you may try to register your device again to see if it works.



If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.



image.png (96.9 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

RushadAnklesaria-9035 avatar image
0 Votes"
RushadAnklesaria-9035 answered JarvisSun-MSFT commented

Hi @JarvisSun-MSFT
Thank you for responding to my query. I have checked and we do have Intune enabled. I have also checked the setting you mentioned but it is enabled for device registration.
We have had other devices connect successfully to Intune but no the Multisession Windows WVD.

I am attaching a SS of our settings.

123546-intune-join-error.jpg



123591-intune-devices.jpg



· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@RushadAnklesaria-9035 Thanks for your reply. The specific cause needs to do further troubleshooting. With the limitation of Q&A, it is better to create an online support ticket to handle this issue. It is free. Here is the online support link and hope it will be resolved as soon as possible.
https://docs.microsoft.com/en-us/mem/intune/fundamentals/get-support

0 Votes 0 ·
Phoenixtekk avatar image
0 Votes"
Phoenixtekk answered

@RushadAnklesaria-9035

The reason you are having this issue, is most likely or might be that the computer once had a registry setting set that block AAD Work place join.

Check the value of Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WorkplaceJoin\BlockAADWorkplaceJoin and ensure the value is set to 0

Intune Expert

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.