This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(134.4, 78%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHY%3C/text%3E%3C/svg%3E)
I am currently trying to setup up hybrid autopilot for Intune. I have done the configurations but it lead me to the error code 80070002. Then running the autopilot diagnostics it appears that it was unable to establish connectivity.
The error was "Could not establish connectivity" and "Timed out waiting for ODJ blob or connectivity.
Another question, does the ODJ connect need to be installed on the Domain Controller or it doesn't matter ?
*I am able to ping the domain controller
Can someone help please
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(112.00000000000001, 74%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENS%3C/text%3E%3C/svg%3E)
Hi, your autopilot configuration policy needs the on-prem domain name (FQDN) not the AAD one.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Hong Ye , Thanks for posting in Q&A. For the Intune Connector, it is not necessary to install on DC. But it needs to be installed on a computer that's running Windows Server 2016 or later with .NET Framework version 4.7.2 or later. And the computer must have access to the internet and your Active Directory. Here is a link with more details.
https://learn.microsoft.com/en-us/mem/autopilot/windows-autopilot-hybrid#install-the-intune-connector
For our issue, please firstly check in Intune portal to see if the Intune Connector is there and active.
Then check if the network requirements are all met.
https://learn.microsoft.com/en-us/mem/intune/fundamentals/intune-endpoints
In addition, here is a link with troubleshooting steps. You can read it as a reference:
https://oofhours.com/2020/07/19/troubleshooting-windows-autopilot-hybrid-azure-ad-join/
Note: Non-Microsoft link, just for the reference.
Please check the above information and if there's any update, feel free to let us know.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
Hi there, thanks for the response.
The Intune Connector has been installed and is currently active. However, the device that has the connector installed was unable to pick up any logs for ODJ connector service. The domain join profile also leads to an error with the error code of -1879048193
@Hong Ye ,, From your description, it seems the logs for ODJ connector service is unable to gotten and domain join profile is failed with error. Here, we suggest to check if the right on the on-premise organization unit is granted:
https://learn.microsoft.com/en-us/mem/autopilot/windows-autopilot-hybrid#increase-the-computer-account-limit-in-the-organizational-unit
If the connector service account has the following permissions on the device:
If there's any update, feel free to let us know.
@Crystal-MSFT , I have just doubled check the permissions with on the correct OU. Everything seems right. And the permissions for the connector service account are also correct. Still running into the sam error 80070002.
@Hong Ye , Thanks for the reply. If so, we suggest to open case to do the troubleshooting. Here is a link with the steps to open case:
https://learn.microsoft.com/en-us/mem/get-support