RubbenRocha
New Member
- Messages
- 1
- Reaction score
- 0
- Points
- 1
Good morning, I’m starting to get a bit desperate with an issue that has been happening. I’m having problems managing the machines in co-management: some switched immediately to “Success, hybrid Microsoft Entra ID-joined”, while the rest are stuck in “Failure, hybrid Microsoft Entra ID-joined; Enrollment error: Bad request (400)” and “Pending user sign in”. I’m sending the logs below.
I’ve already tried everything. The machines appear in Entra ID and Intune, but it’s as if they were stuck. I’ve already confirmed the workloads, Cloud Attach, and the URL, and everything looks fine. Microsoft Store is not blocked by GPO, and I’m doing the enrollment through GPO.
I uninstalled the MECM agent, rebooted, and reinstalled it, but after a few hours the messages above started happening again. I also tried dsregcmd /leave, rebooted, and then dsregcmd /join, but that didn’t work either. In addition, I uninstalled the MECM agent, ran dsregcmd /leave, rebooted, and reinstalled the MECM agent, allowing the hybrid join to happen naturally. Again, no luck.
No matter what I do, these messages keep coming back. I can’t figure out what is preventing the co-management policies from being applied correctly, assuming that’s what is causing the issue. However, Intune says the device has all the correct managed workloads, and the workload list is identical to any other device. It’s also in the same OU as the vast majority of our devices, so it doesn’t seem to be some odd GPO issue.
Any ideas?
I’ve already tried everything. The machines appear in Entra ID and Intune, but it’s as if they were stuck. I’ve already confirmed the workloads, Cloud Attach, and the URL, and everything looks fine. Microsoft Store is not blocked by GPO, and I’m doing the enrollment through GPO.
I uninstalled the MECM agent, rebooted, and reinstalled it, but after a few hours the messages above started happening again. I also tried dsregcmd /leave, rebooted, and then dsregcmd /join, but that didn’t work either. In addition, I uninstalled the MECM agent, ran dsregcmd /leave, rebooted, and reinstalled the MECM agent, allowing the hybrid join to happen naturally. Again, no luck.
No matter what I do, these messages keep coming back. I can’t figure out what is preventing the co-management policies from being applied correctly, assuming that’s what is causing the issue. However, Intune says the device has all the correct managed workloads, and the workload list is identical to any other device. It’s also in the same OU as the vast majority of our devices, so it doesn’t seem to be some odd GPO issue.
Any ideas?
