ERROR CODE :80192EE7. Your account was not setup in device because device management could not be enabled.

RZ-11 Admin 80

We're in the process of configuring a computer with a Microsoft Business Premium account. The computer currently has an administrator account under ****@ugafco.aero. Now, I'm attempting to add another account to Microsoft 365 (Office), specifically ****@ugafcoaero.onmicrosoft.com, which was provided by the admin for Business Premium. However, we're encountering error code 80192EE7. How can we troubleshoot and resolve this issue?

WhatsApp Image 2024-03-18 at 16.02.11_1228d5c8

rpodric 96 Reputation points

2024-03-19T18:57:18.92+00:00

Yes, also seeing this as of late yesterday and today. Don't see anything in the Admin Center about it but it must be a temp service issue.
Darren Chapman 0 Reputation points

2024-03-20T04:19:32.26+00:00

Same here today. In our case, not adding admin just normal user.
rpodric 96 Reputation points

2024-03-20T05:33:14.47+00:00

Strange that that would matter (the account doesn't seem to matter for us). Nor does the machine or location.

Interestingly, when trying against an unrelated test 365 tenant (one without a custom domain, incidentally), no problem! Just with our normal tenant, one that's never had this problem before. It feels like it might be a DNS thing, but our 365 DNS has been unchanged for years, and the two pertinent ones (enterpriseenrollment and enterpriseregistration) both check out in 365 Admin when freshly checked. So, I'm stumped.
Joe Window 5 Reputation points

2024-03-20T10:25:20.6433333+00:00

having the same issue. Tried to take a machine off domain and back on to fix an issue but unable to add it back. worked out you can just enrol in Device management, so that is working. We are using Autopilot as well so not sure if Autopilot issue or Entra issue.

Can see in the Intune logs that it registers the device and the deletes it again 3 seconds later. So that part is working.
rpodric 96 Reputation points

2024-03-20T14:44:22.13+00:00

Yes, the audit log shows activity, but a little too much (the last two items shouldn't be occurring and are a reflection of whatever the failure is):

-Add device

-Add registered users to device

-Add registered owner to device

-Update device

-Register device

-Delete device

-Unregister device
Seth Olsen 0 Reputation points

2024-03-20T17:59:25.04+00:00

I ran into this issue today as well.
Daniel Lagden 0 Reputation points

2024-03-21T12:24:09.0766667+00:00

Need an urgent fix. Tried resetting computer and trying different company laptops but they all now have the same issue.

I disconnected the account on another computer and then tried to re-log back in and now have the same error message and cannot re-add the account
Dominik Brunner 0 Reputation points

2024-03-21T13:54:18.1566667+00:00

Same Problem here
William COURANT 10 Reputation points

2024-03-21T14:52:55.58+00:00

Same problem here in France. Some user has been disconnected and impossible ton register the device again.

We also get theses errors :

erreur : CAA80000 erreur : CAA50021

We opened a case but the operator thought that it was a problem of our office install...

So i'm waiting for a solution
rpodric 96 Reputation points

2024-03-21T14:57:40.2766667+00:00

Has anyone opened a case yet? It not, I probably will today. Unfortunately, this one is ambiguous enough that I'm unsure if it should be opened on the Azure side or the Office 365 side.
Joe Window 5 Reputation points

2024-03-21T15:10:32.0833333+00:00

I have logged a ticket with our 365 Vendor and currently jumping though the hoops of proving its not a setup issue our end. I am going to attempt to rebuild one of the machines with Autopilot tomorrow morning but not 100% if it will work. also having same issue with another customer now.
rpodric 96 Reputation points

2024-03-21T22:59:08.11+00:00

Look forward to hearing what they say, if you can get them to understand it.

This isn't much help, but I noticed the it's logged locally here:

Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin

"MDM Enroll: Certificate enrollment request sending failed. Result: (Unknown Win32 Error code: 0x80192ee7)."

It's just not making the connection, as if there's a fundamental problem--which would make slightly more sense if I couldn't then immediately make it work with another tenant. Figuring out why that is will be the answer.

I should point out that we don't use Intune, so our MDM, if you can call it that, is just the base Microsoft 365 one. I suspect they're in the same boat when it comes to this problem though.
Joe Window 5 Reputation points

2024-03-22T10:32:34.3166667+00:00

After Resetting Windows and trying to join it again via Autopilot, it was still unable to join the domain.
Dominik Brunner 0 Reputation points

2024-03-22T13:17:51.0766667+00:00

I did add the "Intune Plan 1 Device Test Version" to the (already equipped with a lot of licenses) user making the registration.

Then it works.

Adding an intunte license to a blank user did not do the job - something from the "office 365 E5" might have been of use (attention - not "Microsoft 365 E5").

Very unpleasant and time consuming - to find out M$ just wants a couple of monies more...
rpodric 96 Reputation points

2024-03-22T14:19:37.75+00:00

Dominik, I wonder if that's more happenstance than a reason. If Intune is your MDM, which it must be, it wouldn't be that surprising that something like that is necessary, but this is happening even when Intune isn't in the picture. There's a broader explanation that I think would satisfy all scenarios in which this problem is happening this week when it hasn't before.
William COURANT 10 Reputation points

2024-03-22T14:21:51.95+00:00

Hi everyone,

Microsoft has confirmed to me from the opened ticket that there is a general problem.

They are trying to fix it ASAP.

Regards,
Joe Window 5 Reputation points

2024-03-22T14:32:31.55+00:00

OK, So Rebuilding with Autopilot did get me around this. It wasn't working before due to restriction on Who can add machines to the network.
Rosa Linares 0 Reputation points

2024-04-27T02:37:17.05+00:00

Ya intente de todo y no puedo quitar ese error, ya que mi cuenta es institucional, alguien sabra que puedo hacer ?
Crisp 0 Reputation points

2024-05-05T16:37:38.6466667+00:00

I had to go into Settings and add the work account to the list 'Access work or school'. Which allowed the MFA to go through. Then, I was able to add the account in 'Email & accounts'. Access was resolved after adding to both sections for my particular case.
Md Shahin Patwary 0 Reputation points

2024-07-27T18:20:32.93+00:00

Set "Windows Information Protection (WIP) user scope" to "None"
Md Shahin Patwary 0 Reputation points

2024-07-27T18:22:57.86+00:00

Set "None" user scope of Windows information protection (WIP)

5 answers

Pete S 125 Reputation points

2024-03-22T15:50:55.9633333+00:00

The following resolved this issue for us (solution provided by Microsoft support):

Go to portal.azure.com > Microsoft Entra ID > Mobility (MDM and WIP) > Microsoft Intune

Set "Windows Information Protection (WIP) user scope" to "None"

Since we were not using any WIP policies, this had no functional impact to us, other than resolving the enrollment issue.
Please sign in to rate this answer.

25 people found this answer helpful.
rpodric 96 Reputation points

2024-03-22T15:59:59.0666667+00:00

Not sure why they would be focusing on Intune, which we're not using, meaning that it can't be at the heart of the problem (but more a workaround). That screen is N/A for us and can't be changed:

https://i.imgur.com/8HZNrU2.png

So, I guess we wait until they roll out the ultimate fix.

rpodric 96 Reputation points

2024-03-22T16:45:07.43+00:00

OK, not sure why my previous comment is not showing up, but good news: Clicking "Restore default MDM URLs" and "Restore default WIP URL" on that screen allowed me to set it on None and then Save, which did work. I also set the MDM user scope on None since that's how it was set on the test tenant I have. I've never used this screen before to my memory.

Jack Man Maker 1 Reputation point

2024-03-22T16:48:47.2733333+00:00

We just started having this problem and setting "Windows Information Protection (WIP) user scope" to "None" solved the problem for us.

Βασίλειος Πανούσης 0 Reputation points

2024-03-24T17:28:23.0933333+00:00

Thank you very much for sharing the info. This resolved my issue too.

rpodric 96 Reputation points

2024-03-24T18:02:38.39+00:00

Does anyone think that the deprecation of WIP starting almost two years ago is not a coincidence and is the reason for this seemingly sudden problem? If so, it was a strange way to go about it. Announcement back then or not, no one was going to anticipate this.

Cody Hayes 0 Reputation points

2024-04-03T22:29:21.42+00:00

2024-04-03: This solution worked for me too!
P.S. Just noticed this message (found at endpoint.microsoft.com: devices > Windows > Windows Enrollment: "Creating new WIP without enrollment policies (WIP-ME) is no longer supported. For more information, see Windows Information Protection"

Seems you could create WIP enrollment policies to fix also. Turning off WIP assignment is a quicker fix! :-D Thank you!!

RustiJ 0 Reputation points

2024-04-09T18:59:53.7+00:00

This worked for me also! Thanks Pete!!!

Vacuator-1371 0 Reputation points

2024-04-26T14:19:13.9266667+00:00

Thanks for sharing the fix! Fixed it real good!

Luis Santiago 15 Reputation points

2024-04-28T07:02:34.2533333+00:00

Works, just follow to switch None and Restore default MDM URLs in the Entra ID (MDM and WIP).

Luis Santiago 15 Reputation points

2024-04-28T07:11:10.84+00:00

Regarding to add in the APP Enterprise portal from the store to add the URL "https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc" when ask

Joe Arena 0 Reputation points

2024-05-12T22:22:22.4133333+00:00

Thank you, thank you !!!!! I've recently set up a new Dell PC. No matter what I did, I could not access files from my organization's OneDrive (even though I set up the OneDrive and am the administrator). I spent three hours trying all sorts of things, including uninstalling/re-installing Word/Excel. Luckily for me, I found this post about Windows Information Protection (which I have no idea what it is). I turned the scope to 'None', Windows registered my OneDrive and I'm good to go. Thanx again !!!!!

Michael Derham 0 Reputation points

2024-05-26T14:47:28.68+00:00

This worked for me, thank you.

Antonis Constantinou 0 Reputation points

2024-06-03T11:48:34.9233333+00:00

Thank you. This has resolved my issue.

RJ Emmett 26 Reputation points

2024-09-11T23:49:17.8+00:00

This worked for me. Thank you.
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.
Jan Rijsdijk 25 Reputation points

2024-06-03T09:32:14.71+00:00
I had this issue when trying to connect my work and school account.

Using the Enroll only in device management option solved it for me.

To enroll only in device management, you need to 1 2:

Open Settings app.

Select Accounts.

Navigate to Access work or school.

Select Enroll only in device management option.

Type your work email address.
Please sign in to rate this answer.

5 people found this answer helpful.
SB 0 Reputation points

2024-08-31T08:18:24.42+00:00

This just worked for me. Once done, the standard 'add a work or school account' process then worked to get me signed in. Beforehand, I just got the error.

Jeremie AKWE 0 Reputation points

2024-09-23T09:43:35.3766667+00:00

Effectivement, ça a fonctionné pour moi
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.
JohnNeu 25 Reputation points

2024-03-25T21:50:05.8466667+00:00

I've had this error as a result of MFA.

My users all have MFA enforced, but recently the company took away cell phones as a cost-savings measure, but didn't heed IT's recommendation for a turn-in process so we could coordinate the needed change in MFA methods. As a result, most users wiped their phones when they turned them over, thus no way to continue to do MFA.
I used to simply disable MFA on (https://account.activedirectory.windowsazure.com/UserManagement/MultifactorVerification.aspx) and then could set them up with some alternate method of authentication, but as of today (2024-03-25) disabling there did nothing, even after waiting 30 minutes.

The solution was to go to Entra (AzureAD) > users > authentication methods (https://entra.microsoft.com/#view/Microsoft_AAD_UsersAndTenants/UserProfileMenuBlade/~/UserAuthMethods) and establish new methods there. This is actually more convenient because I don't have to do an actual verification on the end-device (phone call, sms to mobile device, or email to home email addy, -- users don't like using the app at all). So, I just input their phone#, home email, etc. in there and then have the users try connecting again using the new MFA method.

john
Please sign in to rate this answer.

3 people found this answer helpful.

0 comments No comments
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.
Luis Santiago 15 Reputation points

2024-04-28T07:26:28.0266667+00:00

Works, just only switch to "None" and retore default MDM URLs

In the Enterprise Portal add the URL "https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc"to finish the enrollment if ask.
Please sign in to rate this answer.

3 people found this answer helpful.

0 comments No comments
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.
JerryGartner-5756 0 Reputation points

2024-07-29T19:09:30.7933333+00:00

I have installed the Intune Corporate Portal on the devices and it works as expected. It's nice to have remote control of the devices in case they are stolen, or if someone is let go, we don't need to track down their device.
Please sign in to rate this answer.

0 comments No comments
Sign in to comment

Use comments to ask for clarification, additional information, or improvements to the question.

Share via

ERROR CODE :80192EE7. Your account was not setup in device because device management could not be enabled.

5 answers

Your answer