Share via

ADD the pin does not launch Windows Security window

Anonymous
2023-06-15T01:45:41.3966667+00:00

Hi Azure team, I have an interesting issue happening as per below, can you help?

  1. On the same PC that has been joined to intune by one user e.g xyz@com365.xyz.com
  2. I log in as a local user .\xyz
  3. go to Work and School and ADD the Pin - which works; the Windows Security window pops up ( I can see pinenrellmentbroker.exe in Task Manager Processes)
  4. I then log out
  5. I then login as xxyz@com365.xyz.com (the intune joined user)
  6. go to Work and School and try to ADD the pin - get a brief droppinf circle then bact to original screen; the Windows Security window DOES Not pop up ( and I can NOT see pinenrellmentbroker.exe in Task Manager Processes)
  7. so not able to set/add the pin
  8. I check Azure and the device has been joined and is complient
  9. The key seems to be that the Window Security launched by the P'in ADD button' does not launch under the Azure AD user, the pinenrellmentbroker.exe associated with this action is not a process that launched/seen in Task Manager Processes.

What app does the PIN add launch and need to have access and passes to pinenrellmentbroker.exe to authenticate the user?

This has only stared happening arounf 2 weeks ago, any ideas? appeciate your help Jari

Microsoft Graph
Microsoft Graph
A Microsoft programmability model that exposes REST APIs and client libraries to access data on Microsoft 365 services.
10,913 questions
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Fiona Matu 86 Reputation points Microsoft Employee
    2024-03-06T17:18:35.75+00:00

    Hello,

    This issue can be caused by many factors such as incorrect configuration of the device, OS, and the Intune service. The following might be a few possible solutions you can explore:

    1. Verify that the system is up to date. If not, update the system and see if the issue persists.
    2. Try removing the device from Azure AD and rejoining it.
    3. Check to see if the issue is with the specific user account. You can do this by trying to log in with a different Azure AD user.
    4. Check the Intune configuration for the user and the device. Ensure that the correct policies are applied and the device is compliant.

    The "pinenrollmentbroker.exe" is a part of the Microsoft PIN Reset Service Component, which is responsible for managing PINs on the system. When you try to add or change a PIN, this service is called. If this service is not running or is being blocked by some other software (like an antivirus), you might face this issue.

    You can check the status of the PIN Reset Service on your system by going to the Services application in Windows. If it's not running, try starting it and see if the problem persists.

    To troubleshoot, you can utilize the Event Viewer in Windows to check for any related errors. You can also use the Azure portal to check the status and the details of the device and the user.

    0 comments