注册Windows 10设备的CoManagement问题 [英] CoManagement issue enrolling Windows 10 Devices

问题描述

Hello all，

我在共同管理方案中自动注册Windws 10设备时出现问题。

SCCM是1810

Windows介于1709和1803之间

用户获得EMS E3许可

<问题是：

某些设备（有或没有ConfigMgr客户端）在事件日志查看器中显示错误\ Microsoft \ Windows \ AAD

OAuth响应错误：invalid_grant

错误说明：AADSTS50155：设备未经过身份验证。

当我转到AzureAD控制台时，我将这些设备视为" ;混合Azure AD加入"

并在事件日志查看器\ Microsoft \ Windows \ ServicesManagement-Enterprise-Diagnostics-Provider \Admin

MDM自动注册：失败（未知Win32错误代码：0xcaa20003）

对于那些使用ConfigMgr客户端的人，我得到一些奇怪的错误消息，说"只支持MDM自动注册" Windows RS3和abov E"。和"失败的GetDeviceRegistrationInfo错误（0x80070032）"

有人有同样的问题，你是如何解决它的？

全部谢谢。

解决方案

如果您收到"AADSTS70002：验证凭据错误"以及invalid_grant错误，然后您使用错误的用户名/密码进行针对联合租户的Active Directory密码身份验证。确保
用户名和密码对于要连接的联盟域是正确的。

另外，检查这是否是一个相关的错误：  https://stackoverflow.com/questions/45618151/logging-in-on-windows -device上带有一个联合的用户

Hello all,

I got an issue automatically enrolling Windws 10 Devices in a Co-Management scenario.

SCCM is 1810

Windows are between 1709 and 1803

Users are licensed to EMS E3

Problem is :

Some devices (either with or without ConfigMgr client) present an error in Event Log Viewer \Microsoft\Windows\AAD

OAuth response error: invalid_grant
Error description: AADSTS50155: Device is not authenticated.

When I go to AzureAD Console, i see those devices as "Hybrid Azure AD joined"

And in Event Log Viewer \Microsoft\Windows\DeviceManagement-Enterprise-Diagnostics-Provider\Admin

MDM Automatic Enrollment : Failure (Unknown Win32 Error code: 0xcaa20003)

For those with ConfigMgr client, i got some time a strange error message saying "MDM auto-enrollment is only supported on Windows RS3 and above." and "Failed to GetDeviceRegistrationInfo with error (0x80070032)"

Is someone having same issue, and how did you fix it?

Thanks for all.

解决方案

If you are getting an "AADSTS70002: Error validating credentials" along with the invalid_grant error, then you are using the using the wrong username/password for the Active Directory Password Authentication targeting the federated tenant. Ensure that the username and password are correct for the federated domain to connect.

Also, check to see if this might be a related error: https://stackoverflow.com/questions/45618151/logging-in-on-windows-device-with-a-federated-user

这篇关于注册Windows 10设备的CoManagement问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！