Windows user is not authorized to enroll
This article gives troubleshooting steps to help resolve an issue where a user is not authorized to enroll their Windows device.
Symptom
When a user tries to enroll a Windows device, they encounter one of the following error messages:
Error 0x801c003: "This user is not authorized to enroll. You can try to do this again or contact your system administrator with the error code (0x801c0003)."
Error 80180003: "Something went wrong. This user is not authorized to enroll. You can try to do this again or contact your system administrator with error code 80180003."
Cause
These errors can result from any of the following conditions:
- The user has already enrolled the maximum number of devices allowed in Intune. (Read Solution 1 and Solution 2.)
- The device is blocked by the device type restrictions. (Read Solution 3.)
- The computer is running Windows 10 Home. However, enrolling in Intune or joining Microsoft Entra ID is only supported on Windows 10 Pro and higher editions. (Read Solution 4.)
- The Microsoft Entra setting Users may join devices to Microsoft Entra ID is set to None, which prevents new users from joining their devices to Microsoft Entra ID. Therefore Intune enrollment fails. (Read Solution 5.)
Try the following solutions, depending on your scenario.
Solution 1
If your user has reached the maximum number of allowed devices, use these steps to remove unused devices.
- Sign in to the Microsoft Intune admin center.
- Go to Users > All Users.
- Select the affected user account, and then click Devices.
- Select any unused or unwanted devices, and then click Delete.
Solution 2
If there are no unused devices to remove, use these steps to increase the device enrollment limit.
Note
This method increases the device enrollment limit for all users, not just the affected user.
- Sign in to the Microsoft Intune admin center.
- Go to Devices > Enrollment restrictions > Default (under Device limit restrictions) > Properties > Edit (next to Device limit) > increase the Device limit (maximum 15)> Review + Save.
Solution 3
Check if device enrollment is blocked by device type restrictions.
Sign in to the Microsoft Intune admin center with a global administrator account.
Go to Devices > Enrollment restrictions, and then select the Default restriction under Device Type Restrictions.
Select Platforms, and then select Allow for Windows (MDM).
Important
If the current setting is already Allow, change it to Block, save the setting, and then change it back to Allow and save the setting again. This resets the enrollment setting.
Wait for approximately 15 minutes, and then enroll the affected device again.
Solution 4
Upgrade Windows 10 Home to Windows 10 Pro or a higher edition.
Solution 5
Check or update your Microsoft Entra settings to allow users to join devices.
- Sign in to the Azure portal as an administrator.
- Go to Microsoft Entra ID > Devices > Device Settings.
- Set Users may join devices to Microsoft Entra ID to All.
- Enroll the device again.
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for