Auto MDM Enroll: Device Credentials (x1), Failed (Unknown Win32 Error code: 0x8018000a)
A while back I was working with a customer who was in the process of co-manage their devices in their ConfigMgr environment and most of the computers enrolled just fine but they had some devices who kept on failing during enrollment.
We couldn’t find any information on this specific error code we kept on seeing and I just wanted to write a quick post on how we were able to solve the problem.
What we found out was that it was just older machines in the environment that had this problem, meaning that newly imaged and re-installed PC’s always enrolled without an issue. This customer had recently gone through an AD migration to a new domain and which in this case explained why we only saw this issue on older machines.
What we found when comparing 2 machines, 1 that enrolled ok and one that failed was that there was information in registry under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments
That was different and also information missing on the one who failed.
The first indication was that the UPN key has the wrong UPN (Which was pointing to the old domain) and not the new one. Seen in the picture below
Compared to a machine that worked fine that contained the correct UPN and also a lot more information.
The solution was to delete the entire registry key, and after a while the key gets re-generated with the correct information once the enrollment schedule task ran. And the enrollment worked as expected.
The GUID in registry is the same you see in the schedule task that tries to do the enrollment.
I don’t expect that many people will run on to this specific problem but hopefully if you do, this will help you.
Don’t forget to follow me on twitter @timmyitdotcom