question

TemnyPan-8649 avatar image
0 Votes"
TemnyPan-8649 asked JamesTran-MSFT commented

Company devices indentified as personal - error 8018004

Hi,
I can't join any of our company devices into corporate Azure AD because of 8018004. We have our own AD but wish to use corporate SSO for authentication. What makes Azure AD to think the device is not part of company but "personal"?

mem-intune-enrollmentazure-ad-device-management
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

JamesTran-MSFT avatar image
0 Votes"
JamesTran-MSFT answered JamesTran-MSFT commented

@TemnyPan-8649
Thank you for your post!

From the error you received - Error 80180014, I was able to find some related issues and will share the solutions below to hopefully help point you in the right direction.

Error Code 80180014:
Mobile Device Management (MDM) server doesn't support this platform or version. For more info.
193215-image.png

In order to resolve this, can you follow the steps below. For more info - Your organization does not support this version of Windows.

  1. In the Microsoft Endpoint Manager admin center, chooses Devices > Enrollment restrictions > choose a device type restriction.

  2. Choose Properties > Edit (next to Platform settings) > Allow for Windows (MDM).

  3. Click Review + Save.


Related Issues:
Error 80180014 due to device restrictions for Windows Autopilot devices
Error 80180014 when joining azure ad - YouTube
Error Code 80180014


If you're still having issues, can you share how you're trying to join your devices to Azure AD?
Thank you for your time and patience throughout this issue.

Please remember to "Accept Answer" if any answer/reply helped, so that others in the community facing similar issues can easily find the solution.


image.png (14.0 KiB)
· 6
5 |1600 characters needed characters left characters exceeded
Toggle Comment visibility. Current Visibility: Visible to all users

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

JamesTran-MSFT avatar image JamesTran-MSFT ·

@TemnyPan-8649
I just wanted to check in and see if you had any other questions or if you were able to resolve this issue?

0 Votes 0 ·
TemnyPan-8649 avatar image TemnyPan-8649 JamesTran-MSFT ·

Unfortunately, I can't change the restrictions as I am not Azure AD admin. But it's definitely not because of mobile device or wrong Windows version (I have tried 20H2, 21H2 etc. even Windows 11). I think maybe these devices had to be presetup with Intune or something like that.

0 Votes 0 ·
Crystal-MSFT avatar image Crystal-MSFT TemnyPan-8649 ·

@TemnyPan-8649 , In General, the device enroll with one of the following enrollment will be consider as corporate device. For others, it will be consider as personal.
-Enrolled with a device enrollment manager account (all platforms)
-Enrolled by using Google Zero Touch
-Enrolled by using Knox Mobile Enrollment
-Enrolled with the Apple Device Enrollment Program, Apple School Manager, or Apple Configurator (iOS/iPadOS only)
-Identified as corporate-owned before enrollment with an international mobile equipment identifier (IMEI) numbers (all platforms with IMEI numbers) or serial number (iOS/iPadOS and Android)
-Enrolled as Android Enterprise corporate-owned devices with work profile
-Joined to Azure Active Directory with work or school credentials. Devices that are Azure Active Directory registered will be marked as personal.
-Set as corporate in the device's properties list

https://docs.microsoft.com/en-us/mem/intune/enrollment/corporate-identifiers-add

Please check if you choose one of the above method to do the enrollment. If not, change the above enrollment method to see if it can work.

0 Votes 0 ·
Show more comments