WCD Bulk Provisioning issue

NP 416 Reputation points
2022-09-07T02:36:51.66+00:00

We are using Windows 10 2019 LTSC with the latest version of the ADK - WCD

Keep getting the below when trying to retrieve bulk tokens

Has anyone got any ideas?

Also, all the documentation says the token can be valid for 180 days but the gui only shows 30 days. Is there somewhere else to set this value?

The person that did this prior to me has to log a support request every month since we seem to have to generate the file every 30 days and every 30 days we seem to get this error. Then we contact MS and they do something on the backend and it mysteriously works for us

238356-image.png

Microsoft Intune Enrollment
Microsoft Intune Enrollment
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Enrollment: The process of requesting, receiving, and installing a certificate.
1,283 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,574 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
20,106 questions
{count} votes

Accepted answer
  1. Akshay-MSFT 16,931 Reputation points Microsoft Employee
    2022-09-09T04:59:13.22+00:00

    Hello @NP ,

    Kindly try the following steps:

    Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process  
    Install-Module AADInternals  
    Import-Module AADInternals  
      
    Get-AADIntAccessTokenForAADGraph -SaveToCache   
    Get-AADIntCache  
      
    Get-AADIntAccessTokenForAADGraph -Resource urn:ms-drs:enterpriseregistration.windows.net -SaveToCache  
      
    Saving the token to a service account:  
      
    $bprt = New-AADIntBulkPRTToken -Name "svc_dem@CONTOSO.COM"  
      
      
    - Once you saved, we can fetch it from location in PowerShell output:  
    

    239343-image.png

    - Now navigate back to WCD -> advanced settings-> Accounts -> Azure :  
    

    In Authority field use: "https://login.microsoftonline.com/common"
    In BPRT filed use: <refresh token from .JSON file>
    - Save the project and export the PPKG.
    Now use the PPKG file to AAD join your device.

    Ref article used: https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/how-to-retrieve-an-azure-ad-bulk-token-with-powershell/ba-p/2944894

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments

0 additional answers

Sort by: Most helpful