This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(83.2, 28.999999999999996%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
I created a new Application group type of desktop and select the option for them to be enrolled in intune. These are Azure AD joined only and have Azure AD users logging into them.
An object for each vm is created in Azure AD, but they are not in intune.
Time away for Thanksgiving.
I did select the option to enroll VMS with intune automatically when I created the pool.
The MDM setting is set to all in the azure portal
I'm reviewing the event logs and will get back to you.
Thanks!
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 19%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEB%3C/text%3E%3C/svg%3E)
Did you ever resolve this issue? I'm fading the same issue and can't find any assistance online.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Jason Benway ,Thanks for posting in Q&A.
From the official article, it mentioned when deploy Azure AD joined VMs, selecting Azure Active Directory gives you the option to enroll VMs with Intune automatically,
https://learn.microsoft.com/en-us/azure/virtual-desktop/deploy-azure-ad-joined-vm#deploy-azure-ad-joined-vms
If so, I think we can configure the automatic MDM enrollment and set the MDM user scope as all to see if it works.
https://learn.microsoft.com/en-us/mem/intune/enrollment/windows-enroll
Meanwhile, please also ensure the user is with Intune license to enroll device.
However, if the issue still persists, you can check the DeviceManagement-Enterprise-Diagnostic-Provider event log to see if there's any finding:
https://learn.microsoft.com/en-us/windows/client-management/diagnose-mdm-failures-in-windows-10#collect-logs-directly-from-windows-10-pcs
Hope it can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
@Jason Benway , Hope things are going well. I am writing to see if there's any update on our issue. if yes, feel free to let us know.
There are some errors in the eventlog.
MDM declared configuration: function (checknewinstancedata) operation (read isnewinstancedadta) failed with (the parameter is incorrect)
I'd ran company portal and got a message the device hasn't been setup for corporate use yet. select this message to begin setup.
I click the message, a wizard starts and asks for the username, then tells me the computer is already connected to the organization.
@Jason Benway , Thanks for the update. For the error message, based on my research, I didn't find any similar one. Here, we suggest to open case to get more help. Here is a link with the steps to open case for your reference:
https://learn.microsoft.com/en-us/mem/get-support
Thanks for your understanding.
Should I open this with the AVD team or MEM team.
I don't want the MEM team telling me things like remove it from Azure AD and rejoin it, if that will break logins for Azure AD accounts in AVD.
@Jason Benway , Thanks for the reply. You can open case to either. I think this issue needs two teams to looks into. They will involve each other if needed.