1,013 questions
Do you have mfa enabled for the enrolling account?
Windows 10 device enrollment to MDM - please help
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(147.20000000000002, 68%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVT%3C/text%3E%3C/svg%3E)
Virtual Tech
106
Reputation points
Hi
My test windows 10 computer has not received the office application from Intune. What pushes those URLs to the computer? I know I can manually add them but I prefer to automate it.
When running dsregcmd /status, I am missing the URLs below.
MdmComplianceUrl
MdmEnrollmentUrl
MdmTermsOfUserUrl
Computers device management log error: Auto MDM Enroll: Device Credential (0x0), Failed (Unknown Win32 Error code: 0x8018002b)
Test computers are Hybrid AD joined
configured the Intune automatic enrollment for devices
manually set the GPO GPO and navigate to Computer Configuration > Administrate Templates > Windows Components > MDM > then set "Enable automatic MDM enrollment using default Azure AD Credentials" to enabled.
My environment in Hybrid, AAD syncing objects, SSO, password Hash.
Microsoft Security | Intune | Application management
Microsoft Security | Intune | Other
5,571 questions
3 answers
Sort by: Most helpful
-
Rahul Jindal [MVP] 10,911 Reputation points MVP2022-06-24T22:42:06.087+00:00 -
Virtual Tech 106 Reputation points
2022-06-24T22:47:24.877+00:00 @Rahul Jindal [MVP] - Office will be installed on a windows 10 shared computer. Is not for a specific account. I am trying to figure out if MDM URLS are pushed automatically to the computer. do you know?
-
Rahul Jindal [MVP] 10,911 Reputation points MVP
2022-06-25T06:56:04.583+00:00 Yes they are on discovery when automatic mdm enrollment is configured in Intune. But for this to work, a successful authentication is needed and mdm management urls need to be allowed against network rules.
Sign in to comment -
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
Crystal-MSFT 53,991 Reputation points Microsoft External Staff2022-06-27T06:54:00.427+00:00 @Virtual Tech , For our enrollment, before going on, could you confirm if it is GPO enrollment.
Research and find a similar issue, In this this link, it says when event id 76 with error ”0x80180002b“ comes, the value of AzureAdPrt is NO. Please check if it is the same as ours. If yes, try the solution in the following link to see if it helps.
https://learn.microsoft.com/en-us/troubleshoot/mem/intune/windows10-enroll-error-80180002bMeanwhile, please check if all the prerequisites are all met in our situation:
https://learn.microsoft.com/en-us/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policyPlease check the above information and if there's any update, feel free to let us know.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. -
Virtual Tech 106 Reputation points
2022-06-27T17:07:27.4+00:00 - The Office app will be pushed to a shared computer. Not to an individual user.
- For the computer enrollment, I manually modified the local GPO on the machine.
Computer Configuration > Administrate Templates > Windows Components > MDM > then set "Enable automatic MDM enrollment using default Azure AD Credentials" to enabled.
- The windows 10 machine does meet the requirements , per your link.
- I will try this article and see if it helps.
https://learn.microsoft.com/en-us/troubleshoot/mem/intune/windows10-enroll-error-80180002b
Do you know how the URLs below are populated from O365?
HKLM\SYSTEM\ControlSet001\Control\CloudDomainJoin\TenantInfo(Random Character String)
Int here are three keys
MdmComplianceUrl
MdmEnrollmentUrl
MdmTermsOfUserUrl
-
Rahul Jindal [MVP] 10,911 Reputation points MVP
2022-06-27T17:14:23.247+00:00 I think you should look at fixing the issue of the enrollment first and then move on to Office. Normally you should find something in the MDM event logs that should point you in the right direction.
-
Crystal-MSFT 53,991 Reputation points Microsoft External Staff
2022-06-28T01:55:51.793+00:00 @Virtual Tech , Thanks for the reply. I notice you will try the solution in the article. If there's any update, feel free to let us know.
For the URLs, they are gotten from auto-enrollment. configuration as below:
Hope it can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread. -
Crystal-MSFT 53,991 Reputation points Microsoft External Staff
2022-06-30T05:17:16.28+00:00 @Virtual Tech , Hope things are going well. I am writing to see if we have tried the solution in the article. If there's any update, feel free to let us know.
Sign in to comment