WCD Bulk Provisioning issue

Question

We are using Windows 10 2019 LTSC with the latest version of the ADK - WCD

Keep getting the below when trying to retrieve bulk tokens

Has anyone got any ideas?

Also, all the documentation says the token can be valid for 180 days but the gui only shows 30 days. Is there somewhere else to set this value?

The person that did this prior to me has to log a support request every month since we seem to have to generate the file every 30 days and every 30 days we seem to get this error. Then we contact MS and they do something on the backend and it mysteriously works for us

Answer 1

Hello @NP ,

Kindly try the following steps:

Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope Process  
Install-Module AADInternals  
Import-Module AADInternals  
  
Get-AADIntAccessTokenForAADGraph -SaveToCache   
Get-AADIntCache  
  
Get-AADIntAccessTokenForAADGraph -Resource urn:ms-drs:enterpriseregistration.windows.net -SaveToCache  
  
Saving the token to a service account:  
  
$bprt = New-AADIntBulkPRTToken -Name "svc_dem@CONTOSO.COM"  
  
  
- Once you saved, we can fetch it from location in PowerShell output:  

- Now navigate back to WCD -> advanced settings-> Accounts -> Azure :  

In Authority field use: "https://login.microsoftonline.com/common"
In BPRT filed use: <refresh token from .JSON file>
- Save the project and export the PPKG.
Now use the PPKG file to AAD join your device.

Ref article used: https://techcommunity.microsoft.com/t5/core-infrastructure-and-security/how-to-retrieve-an-azure-ad-bulk-token-with-powershell/ba-p/2944894

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.