Invalid_Client error when joining Windows 10 device to Azure AD tenant

Leave a Comment / By / Microsoft Intune, Windows 10 / 11 /

Issue:

When trying to join a Windows 10 or Windows 11 device to the Azure AD tenant using Settings > Access Work or School > Connect > Join this Device to Azure AD , you may get the following error.

Looks like we can’t connect to the URL for your organization’s MDM terms of use. Try again, or contact your system administrator with the problem information from this page.

Error: Invalid_Client

Description: Failed to authenticate user

AD Join - Invalid Client Error

AD Join – Invalid Client Error

This issue may occur due to various reasons. Please check the following things if you encounter similar issue.

1. Have you configured the automatic MDM enrollment?

If a user is configured to automatically enrolled into Microsoft Intune when device is joined to Azure Active Directory (AAD) then Intune enrollment become mandatory during Azure AD Join. The device will not be joined to Azure AD if MDM enrollment failed.

Please check if MDM scopes are configured.

Go to Endpoint Manager admin center > Devices> Windows > Automatic Enrollment to check the settings.

Microsoft Intune - MDM Scope

Microsoft Intune – MDM Scope

2. Have you assigned Microsoft Intune license to user?

The user must have Microsoft Intune and Active Directory Premium P2 license assigned. You can validate this from Microsoft Endpoint Manager admin center / Users / <User Name>/ License.

You may have to wait for 10-15 minutes if getting same error evening after license assignment.

Related Posts

Subscribe to Techuisitive Newsletter

Be the first to know about our new blog posts, Get our newsletter directly in your inbox and stay up to date about Modern Desktop Management technologies and news.

Subscribe

Recent Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top