Score:0

Azure AD - Intune device mismatch, not joined properly

I have something of a mess on my hands. When these devices were joined, or "registered" with Azure AD, they had already been through OOBE and had local accounts created on them. I realize now that I should have used sysprep.exe to re-do the OOBE and join to Azure AD from there, however hindsight is 20-20 and I learned this later on. These PCs are on the other side of the country and I no longer have hands on them.

So these were registered to Azure AD while logged in with a local user account, going to settings -> accounts -> connect to work/school -> connect.

After registering to the AD domain, I went again to settings -> accounts -> "Enroll only in device management", in order to connect the computers to Intune.

Q1: If I were to run sysprep.exe remotely via ScreenConnect session, and chose the option to "quit" I'm guessing OOBE will run upon next reboot (so I can't do this remotely). Is there any better way to clean up this mess than deleting everything out from Azure AD and re-running OOBE?

Pics of mess, notice devices in azure AD don't match those in Intune:

devices

mismatch

Swisstone
`[...]I should have used sysprep.exe to re-do the OOBE and join to Azure AD from there[...]` => Not necessarily, why? Take a look at this documentation to plan your Azure AD Join: https://learn.microsoft.com/en-us/azure/active-directory/devices/device-join-plan or Hybrid Azure AD join if you want to join your AD Domain too: https://learn.microsoft.com/en-us/azure/active-directory/devices/hybrid-join-plan
boog
I had been reading that document. This environment was a mess in that they didn't have an on-prem AD environment, but they wanted Azure AD to function like an on-prem AD implementation does. Only one of their O365 accounts had a business premium license and they wanted to use that single account to domain join and register to Intune 15 computers, and then log into each computer with different O365 users. So I was having all types of trouble trying to register to AD (random failures trying to join). Had to register to AD then manually register to Intune after that. It was just a complete mess.
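
To confirm which state each PC in this thread is actually in (Azure AD registered via "connect to work/school" versus Azure AD joined), the following added example, which is not from the original posts, parses the output of `dsregcmd /status`. The function name `Get-DeviceJoinState` and the sample output are constructed for illustration; the field names are the ones `dsregcmd` prints.

```powershell
# Added example: classify a device's Azure AD state from `dsregcmd /status`.
# Get-DeviceJoinState is a hypothetical helper name, not a built-in cmdlet.
function Get-DeviceJoinState {
    param(
        # Raw lines of `dsregcmd /status`; defaults to running it locally.
        [string[]]$StatusText = (& dsregcmd.exe /status)
    )
    $fields = @{}
    foreach ($line in $StatusText) {
        # Data lines look like "   AzureAdJoined : YES"; banners are skipped.
        if ($line -match '^\s*(\w+)\s*:\s*(.*\S)\s*$') {
            $fields[$Matches[1]] = $Matches[2]
        }
    }
    $joined     = $fields['AzureAdJoined']   -eq 'YES'  # device-level join
    $domain     = $fields['DomainJoined']    -eq 'YES'  # on-prem AD join
    # WorkplaceJoined is per user: run this in the signed-in user's session,
    # not as SYSTEM from a remote-support backstage shell.
    $registered = $fields['WorkplaceJoined'] -eq 'YES'

    $state = if ($joined -and $domain) { 'Hybrid Azure AD joined' }
             elseif ($joined)          { 'Azure AD joined' }
             elseif ($registered)      { 'Azure AD registered' }
             else                      { 'Not joined or registered' }

    [pscustomobject]@{
        State    = $state
        DeviceId = $fields['DeviceId']   # compare with the Azure AD device list
        Tenant   = $fields['TenantName']
    }
}

# Constructed sample output resembling a PC registered from a local account.
$sample = @'
| Device State |
      AzureAdJoined : NO
   EnterpriseJoined : NO
       DomainJoined : NO
| User State |
    WorkplaceJoined : YES
'@ -split "`r?`n"

Get-DeviceJoinState -StatusText $sample   # State: Azure AD registered
Get-DeviceJoinState                       # classify the local machine
```

A device that reports `Azure AD registered` here was added through the user-level "connect to work/school" path described in the question rather than joined at the device level.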