Event ID 76 - Auto MDM Enroll: Device Credential (0x1), Failed (Unknown Win32 Error code: 0x80180001)

  • Question

  • Hello Everyone!

    We have a hybrid AD environment, an on-premise traditional AD server connected to Azure AD with AD Connect. We have hash sync, SSO and all that fun stuff working flawlessly.

    I've been trying to roll out Intune and it looks like the Automatic and GPO enrollment is the way to go for us since all of our machines are already traditionally AD joined to the on-prem AD server and showing up in Azure AD Devices as Hybrid Devices.

    A few of our machines have come in without issue, but the vast majority are not coming into Intune. They are showing up in AAD as Hybrid Azure AD Joined, MDM is "none".

    I ran through the docs with my colleagues and now Intune support. Reviewed everything from hybrid device sync with AD Connect, GPO for Automatic Enrollment and ensured users are licensed for Intune.

    When looking at the event viewer logs under DeviceManagement-Enterprise-Diagnostics-Provider I am seeing event ID 76:
    Auto MDM Enroll: Device Credential (0x1), Failed (Unknown Win32 Error code: 0x80180001)

    I'm not finding any info on that specific error message anywhere so I thought I'd reach out here.
    I made sure the machine is up to date, the GPO is set to use 'device credentials', and dsregcmd /status verifies the hybrid state with valid PRT, MDM URLs etc.
    Wednesday, April 8, 2020 6:07 PM

All replies

  • Hello Paul,

    For the GPO setting for enrollment, did you choose Device Credential or User Credential?

    I would recommend to choose User Credential currently.

    Best regards,
    Andy Liu


    Please remember to mark the replies as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, April 9, 2020 2:30 AM
  • Hello,

    Just to follow up, I would like to check if there is any update about this case.

    Is the solution helpful?

    Best regards,
    Andy Liu

    Tuesday, April 14, 2020 8:22 AM
  • Paul, 

    Were you able to find a solution to this issue?

    Thank you,

    Faisal Hashem

    Monday, July 13, 2020 4:50 AM
  • I want to add on this as I see many are struggling with this issue, and so did I after going through tons of documentation on how to set this up properly. Make sure you're logging in with the same UPN suffix as the Azure AD user. I think many are logging in with the on-prem domain name, so what is happening is that Azure AD Connect syncs up your devices and they get joined to Azure AD as Hybrid Joined but without an MDM URL, as MDM policies are towards Azure AD users and the device only sees your on-prem username, which is probably different from the Azure AD username. Verify this with dsregcmd /status and you're probably missing the MDM URL.

    So I would make sure to add in Active Directory Domains and Trusts an alternative UPN suffix to match the same domain Azure AD is using. Then you are able to log in with your Azure AD credentials on the on-prem device and you will get MDM policies and be enrolled correctly.

    Thursday, July 30, 2020 9:52 AM
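
The dsregcmd /status check suggested in the last reply, written out as an added PowerShell example (not code from the thread or from Microsoft). The function name, its parameters, and the sample domains `corp.local` and `contoso.com` are assumptions made for illustration; the sample status lines are constructed, not captured output.

```powershell
# Added example: evaluates the join state, PRT, MDM URL and UPN suffix that the
# thread says to verify. Function and parameter names are hypothetical.
function Test-MdmEnrollmentReadiness {
    param(
        [Parameter(Mandatory)] [string[]] $StatusLines,    # text of: dsregcmd /status
        [Parameter(Mandatory)] [string]   $UserUpn,        # text of: whoami /upn
        [Parameter(Mandatory)] [string]   $ExpectedSuffix  # domain used by Azure AD (assumed input)
    )

    # dsregcmd prints "Name : Value" pairs; section banners do not match and are skipped.
    $fields = @{}
    foreach ($line in $StatusLines) {
        if ($line -match '^\s*(\w+)\s*:\s*(.*?)\s*$') {
            $fields[$Matches[1]] = $Matches[2]
        }
    }

    # Everything after the last '@' is the UPN suffix the device presents.
    $suffix = ($UserUpn -split '@')[-1]

    [pscustomobject]@{
        HybridJoined  = ($fields['AzureAdJoined'] -eq 'YES' -and $fields['DomainJoined'] -eq 'YES')
        HasPrt        = ($fields['AzureAdPrt'] -eq 'YES')
        MdmUrlPresent = -not [string]::IsNullOrWhiteSpace($fields['MdmUrl'])
        MdmUrl        = $fields['MdmUrl']
        UpnSuffix     = $suffix
        SuffixMatches = ($suffix -ieq $ExpectedSuffix)
    }
}

# Constructed sample for the case the reply describes: hybrid joined with a PRT,
# empty MDM URL, user signed in with the on-prem suffix.
$sample = @(
    '             AzureAdJoined : YES',
    '              DomainJoined : YES',
    '                AzureAdPrt : YES',
    '                    MdmUrl : '
)
Test-MdmEnrollmentReadiness -StatusLines $sample -UserUpn 'paul@corp.local' -ExpectedSuffix 'contoso.com'

# On a live machine, in the signed-in user's session:
# Test-MdmEnrollmentReadiness -StatusLines (dsregcmd /status) -UserUpn (whoami /upn) -ExpectedSuffix 'contoso.com'
```

A device that reports `HybridJoined` and `HasPrt` as true but `MdmUrlPresent` or `SuffixMatches` as false matches the situation the reply above attributes to a UPN suffix mismatch.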