Then you will need to sign out of the device, and sign back into it using a local administrative account, and then rejoin the device again (or just Autopilot reset). The fix for this is simple: dsregcmd /debug /leave. Device is either disabled or deletedĪs well, you will not find the object in the Azure AD devices list, or if you do find an object representing this device, it will most likely be a stale record (just remove it). To see this issue another way, when you run dsregcmd /status, it will say AzureAdJoined: YES under Device State, and yet, under Device Details just below that, you will see this message:ĭeviceAuthStatus : FAILED. If I recall this correctly, it will ask for a local admin credential, and even if you know you typed in the credential correctly, it will tell you that your info is incorrect. You might get an error that basically says you can’t do that. If someone deletes the computer object in the cloud, but the device still thinks it is Azure AD joined, then you will end up with a “Zombie-Joined” device presenting with inexplicable issues including authentication and SSO issues.įurther, let’s say you that go to disconnect the account from Azure AD under Settings > Accounts > Work and school. ( Spoiler alert: basically, a lot of this boils down to: if the cloud disagrees about the device state compared to the local computer, you will have issues.) The Zombie Here are a few scenarios that I have run into, and what I found the most effective fix was. These can take several forms, but generally the message is, “ Sorry dude, but you can’t join/register this device.” If you are starting to do more Azure AD Join (or disjoin/rejoin) operations, you may run into some issues at times where the computer reports an error.
0 Comments
Leave a Reply. |