In a hybrid setup, a workstation may fail to enroll after it has been Hybrid Joined.
In Event Viewer, under Applications and Services > Microsoft > Windows > DeviceManagement-Enterprise-Diagnostics-Provider > Operational, you will see Unknown Win32 Error code: 0xcaa9001f.
Microsoft Docs has a solution that may work if your setup and problem are identical to what Microsoft describes there. Otherwise, this could be a problem unique to your infrastructure setup.
Enrollment fails in a hybrid environment with the following setup:
- You are using AAD Connect to sync with Azure
- GPO is deployed for MDM Enrollment with user credential
- You are targeting an OU in AAD Connect.
The issue occurs in the following situation:
- The device was initially part of the OU that was set up in AAD Connect. The device was moved out of the OU several times, leaving its registration as pending in Azure. A device stuck in pending status will most likely end up with the Unknown Error at enrollment.
Move the machine back to the OU that is syncing in AAD Connect. Connect to the device and remove the machine from AAD. Run `dsregcmd /leave` on the machine with admin rights. Restart the machine and let AAD Connect rejoin the machine with Azure.
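
The checks behind the fix above can be scripted. The following is an added example, not part of the original post: it confirms the computer object is back under the synced OU, reads the local join state from `dsregcmd /status`, counts 0xcaa9001f events in the log named above, and only then runs `dsregcmd /leave`. The `-SyncedOu` value, the `-Leave` switch and the function name are assumptions made for illustration.

```powershell
# Added example, not from the original post. Run elevated on the affected workstation.
param(
    # Assumed input: DN of the OU in AAD Connect scope, e.g. 'OU=Workstations,DC=example,DC=com'
    [Parameter(Mandatory)][string]$SyncedOu,
    # Hypothetical switch: unjoin only when explicitly requested
    [switch]$Leave
)

function ConvertFrom-DsregStatus {
    # Turn the "Key : Value" lines printed by dsregcmd /status into a hashtable.
    param([string[]]$Lines)
    $state = @{}
    foreach ($line in $Lines) {
        if ($line -match '^\s*(\w+)\s*:\s*(.+?)\s*$') { $state[$Matches[1]] = $Matches[2] }
    }
    $state
}

# 1. Is the computer object currently inside the OU that AAD Connect syncs?
$found = ([adsisearcher]"(&(objectCategory=computer)(name=$env:COMPUTERNAME))").FindOne()
$dn    = if ($found) { [string]$found.Properties['distinguishedname'][0] } else { '' }
$inOu  = $dn.EndsWith(",$SyncedOu", [StringComparison]::OrdinalIgnoreCase)

# 2. Local join state and occurrences of the enrollment error in the MDM log.
$status = ConvertFrom-DsregStatus -Lines (dsregcmd /status)
$log    = 'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Operational'
$errors = @(Get-WinEvent -LogName $log -MaxEvents 500 -ErrorAction SilentlyContinue |
            Where-Object { $_.Message -match '0xcaa9001f' })

[pscustomobject]@{
    DistinguishedName = $dn
    InSyncedOu        = $inOu
    DomainJoined      = $status['DomainJoined']
    AzureAdJoined     = $status['AzureAdJoined']
    EnrollErrorEvents = $errors.Count
}

# 3. Unjoin only when the object is back in the synced OU, as the fix requires.
if ($Leave) {
    if (-not $inOu) { throw "Computer is not under $SyncedOu; move it back before running dsregcmd /leave." }
    dsregcmd /leave
    Write-Host 'Left Azure AD. Restart and wait for the next AAD Connect sync to re-register the device.'
}
```

Run it once without `-Leave` to review the report, then again with `-Leave` once `InSyncedOu` is `True`.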