-
Title
Migrated devices not enrolling in Intune -
Description
After migrating a Windows device using On Demand Migration for Active Directory (ODM AD), AD Express, or Entra ID Devices, the migrated device may fail to enroll in the target Intune. This behavior will occur when companies add corporate identifiers in Intune and select the option to block enrollment of personal devices.
When a migrated device is blocked from Intune enrollment as a result of this configuration, the following error message will be listed in the Event Viewer under Applications and Services Logs > Microsoft > Windows > DeviceManagement-Enterprise-Diagnostics-Provider > Enrollment:
MDM Enroll: Server Returned Fault/Code/Subcode/Value=(DeviceNotSupported) Fault/Reason/Text=(DeviceIdentifier not preregistered).
-
Resolution
Use one of the following two options to allow migrated devices to enroll in Intune:
Option 1: Modify the Intune policy for the duration of the migration project to allow enrolling personally owned devices.
Option 2: Pre-load corporate identifiers for the migrating devices in Intune according to Microsoft’s guide: Add corporate identifiers to Intune | Microsoft Learn
- Export a list of in-scope devices from your directory as a CSV that includes Manufacturer, Model, and Serial Number
- Upload the CSV file to Intune prior to device migration
For devices that have already completed migration, re-run the device enroller manually as the local SYSTEM account once Intune has been updated: deviceenroller.exe /c /AutoEnrollMDM