MDM Enroll: Device Credential, Failed (Unknown Win32 Error code : 0xcaa9001f

On a hybrid setup , you may experience workstation failed to Enroll after being Hybrid Join.

Navigating to Event Viewer-Applications and Services-Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational, you will get Unknown Win32 Error code : 0xcaa9001f.

Microsoft Docs has a solution which might work if the setup and the problem is identical to what Microsoft explains in the docs or this could be a unique problem in your Infra Setup.

Symptoms:

Enrollment fails in a hybrid environment.

• You are using AAD Connect to sync with Azure
• GPO is deployed for MDM Enrollment with user credential
• You are targeting an OU in AAD Connect.

Cause :

The issue occurs in the following situation.

• Device was initially part of the OU which was setup with AAD Connect. Device was moved out of the OU several times causing the Registration as pending in Azure. Device when stuck as pending status will most likely end up with Unknow Error at Enrollment.

Solution:

Move the machine back to the OU which is syncing in AAD Connect. Connect to the device and remove the machine from AAD. Run dsregcmd /leave on the machine with Admin Rights. Restart the machine and let AAD Connect rejoin the machine with Azure

Related Posts

• Win32 App Deployment failed with error code 0x80070643
• Win32 App Deployment Failed with Error 0x87D1041C
• Win32 App Deployment failed with error 0x87D300C9
• Win32 App failed with error code 0x80070653
• That account info didn’t work – error when disconnecting Windows 10 / 11 Work or School account
• Intune – Windows 10 MDM- Basic troubleshooting
• Deploying Microsoft 365 Apps Stuck in Downloading in Company Portal
• Windows 10 / 11 Operating System Build Versions
• MDM Enroll: Device Credential, Failed (Unknown Win32 Error code : 0xcaa9001f
• Microsoft Endpoint Manager: Error Code Reference
• Intune Bulk Enrollment with Provisional Package failed Error 0xCAA2000C