Forum Discussion
Domain Join Configuration Profile suddenly erroring out.
Good morning,
I have never posted on here, so I hope this goes through. I have been working on getting HAADJ Autopilot setup in my organization the past few weeks and it has been going well so far, except for yesterday.
In my testing I have successfully deployed a few machines using HYAAD Autopilot process with not many issues. Yesterday I pre-provisioned a laptop with no issues, it domain joined and Entra joined and I was able to reseal. A few minutes later I tried a different machine and then it didn't work on that machine. Since then I have been trying multiple machines, and it seems to not be working now at all. I am not sure what broke or changed in my environment that caused this to change.
I am very new at Intune and picked up this environment from a team that left a few months ago, so it is a miracle I have gotten this far by myself, but now I am at a complete loss. This just broke on me and I have no lead as to what may have caused this.
Please if anyone has ANY ideas on where to start for this please let me know. Google has not been much help.
This is what I see when I check the report on the domain join config profile:
Hi!
I have been in a similar situation , where one day it works and the next it doesn't :(
I went back through and copy and pasted any settings rather than typing them.What do you see in Windows Autopilot Devices page?
Does the device have an assigned profile?
Home\Devices\Windows\Enrolment\Devices
I am getting event code 30132 on the Intune Connector whenever a computer tries to pre-provision or go through the setup. It says:
RequestOfflineDomainJoinBlob_Failure: Failed to generate ODJ blob
RequestId: .......
DeviceId: ........
DomainName: .......
RetryCount: 0
ErrorDescription: Failed to call NetProvisionComputerAccount machineName=LAPTOP-........
InstanceId: .....
DiagnosticCode: 268435455
WinErrorCode: 8557
DiagnosticText: We are unable to complete your request because a server-side error occurred. Please try again. [Exception Message: "DiagnosticException: 0x0FFFFFFF. We are unable to complete your request because a server-side error occurred. Please try again."] [Exception Message: "Failed to call NetProvisionComputerAccount machineName=LAPTOP-...."]Like I said. This was working fine thus far and even yesterday it worked. Then it just stopped working completely.
Everywhere I see says to check the config profile spelling and names of the OUs but I promise NOTHING has changed with those configs.
I really do not know what is causing the issue. Im going to try a different image (w10) and see if it works.
Hi Theworstsysadminalive
Based on event code 30132 you described, it seems like there is incorrect permission for the organizational unit where Windows Autopilot is being created. You may need to increase delegation.Increase delegation:
1- Open Active directory users and computers2- Right click on the OU that well used t ocreate the Microsoft hybrid joined.
3- in the delegation of controll select add -> object types and then select computers
4- In the users, enter the name oc the computer where the connector is installed.
5- select the custom task and click next
6- check te box (Only the following objects), check the computer objects and thecheck two last boxex (create selected and delete selected)
7- under promission select full kontroll
Plz let me know if this works.
