Share via

Windows 11 Enterprise computer is bricked after running Windows Configuration Designer provisioning package

Administrator 0 Reputation points
2024-05-13T18:03:01.83+00:00

Hi all,

I am completely new to IT and system administration. I was experimenting with the configuration of a Windows computer that I upgraded to the Windows 11 Enterprise operating system. I attempted to use the Windows Configuration Designer to create a provisioning package to configure the computer and specified a package to enroll into Azure Active Directory.

From what I understand, Azure AD is deprecated and has been replaced with Entra ID. My organization has a valid Entra ID P1 license. After running the provisioning package on the Windows 11 device, the computer has been stuck on the "Setting up your PC" window with a loading button next to the "Enroll in Azure Active Directory" text field. I also wiped all local information on the device so restarting the computer while holding the shift key takes me to a user log in screen of which I have no valid log-in credentials.

What should I do?

Active Directory
Active Directory
A set of directory-based technologies included in Windows Server.
6,642 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,893 questions
Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,921 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,201 questions

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Marilee Turscak-MSFT 36,866 Reputation points Microsoft Employee
    2024-05-13T21:25:46.5233333+00:00

    Hi @Administrator ,

    For Windows 11, the option is only available as a local admin/local account. Regular users cannot join their accounts to Entra ID/Azure AD. You need to have a local admin account on the device to perform that action. https://support.microsoft.com/en-us/windows/create-a-local-user-or-administrator-account-in-windows-20de74e0-ac7f-3502-a866-32915af2a34d

    If you use a local admin account and still run into the issue, here are some other possibilities and mitigations:

    • The device is already joined to on-premises Active Directory. If this is the case, you will not get the Azure AD join option because you would need to perform Hybrid Azure AD join in that case using either of the following methods:
      • Configure hybrid Azure Active Directory join for federated domains 
         - [Configure hybrid Azure Active Directory join for managed domains](https://learn.microsoft.com/en-us/azure/active-directory/devices/hybrid-azuread-join-managed-domains)

 You can try using below commands to join Azure AD and check the status:AI ConvertCopy

 ```yaml
     - DsRegCmd /join

  - DsRegCmd /status
 ```
    • You can create a new offline profile and log in with that profile to join to Entra ID/Azure AD
    • Make sure you are not using the Home edition. If you are, you will need to upgrade the edition since the Home edition cannot be joined to Entra ID/Azure AD

    https://learn.microsoft.com/en-us/azure/active-directory/devices/concept-azure-ad-join

    Let me know if this helps and if you still face the issue with the local admin account.

    If the information helped you, please Accept the answer. This will help us and improve searchability for others in the community who may be researching similar questions. Otherwise let me know if you have further questions.

    0 comments
  2. ZhoumingDuan-MSFT 13,730 Reputation points Microsoft Vendor
    2024-05-14T05:37:22.3866667+00:00

    @Administrator, Danny,Thanks for posting in Q&A.

    To clarify your issue, please check the following.

    1.Check if you have the right roles to create correct provisioning package.

    2.Check if you meet the requirements.

    • Devices must be running Windows 11 or Windows 10 Creator update (build 1709) or later.
    • Enable Windows automatic enrollment.
    • Ensure that the service principal for Microsoft.Azure.SyncFabric (AppID 00000014-0000-0000-c000-000000000000) is present in your Microsoft Entra tenant.

    https://learn.microsoft.com/en-us/mem/intune/enrollment/windows-bulk-enroll#roles-and-permissions

    https://learn.microsoft.com/en-us/mem/intune/enrollment/windows-bulk-enroll#prerequisites

    3.Check the Provisioning-Diagnostics-Provider Admin log in Event Viewer. Location: Event Viewer > Applications and Services logs > Microsoft > Windows > Provisioning-Diagnostics-Provider > Admin

    4.Try to restart the device and re-apply the package to see if can fix the issue.

    Please try above information, if there is any update, feel free to let me know.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.