Enroll in Azure AD with error 8018000a

The issue

The reason for this message is usually that the client believes it is in progress of joining a Azure AD tenant, and therefore refuses your request. This state can be caused by a number of events and reasons…

Error 8018000a: “Something went wrong. The device is already enrolled. You can contact your system administrator with the error code 8018000a.

Pre-checks

Some things to verify before proceesing:
– The device should NOT be in your Intune portal https://portal.azure.com/#blade/Microsoft_Intune_Devices
– Verify that the computer is not in fact joined. Run this command in an elevated prompt: dsregcmd /status

The fix

To troubleshoot this issue I used process monitor and found what Windows does when we try to join Azure AD.
After some testing it showed that if we remove the traces from “ongoing Azure AD join” the wizard will continue and succeed.

You can do this by deleting all GUIDs under HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments
Make sure to NOT delete Context, Ownership, Status and ValidNodePaths.

This can be achieved manually or by the following PowerShell script.

$EnrollmentsPath = "HKLM:\SOFTWARE\Microsoft\Enrollments\" $Enrollments = Get-ChildItem -Path $EnrollmentsPath $DiscoveryServerFullUrls = @("https://wip.mam.manage.microsoft.com/Enroll") Foreach ($Enrollment in $Enrollments) { $EnrollmentObject = Get-ItemProperty Registry::$Enrollment if ($EnrollmentObject."DiscoveryServiceFullURL" -in $DiscoveryServerFullUrls ) { $EnrollmentPath = $EnrollmentsPath + $EnrollmentObject."PSChildName" Remove-Item -Path $EnrollmentPath -Recurse & "C:\Windows\System32\deviceenroller.exe /c /AutoEnrollMDM" } }

26 Comments

Phuc Tran on 2021-12-03 at 04:38

I fixed it
The post is useful
Thank you

Anonymous on 2023-12-12 at 19:22

2024 and this post is still useful. God bless you.
Reply
TARIQ on 2024-01-23 at 15:14

GOD BLESS
Reply

Silvester Schmidt on 2022-05-14 at 06:38

Great, it worked. Thank you!

DK on 2022-08-08 at 06:23

Wonderfull ! It Works

Joe on 2023-03-01 at 10:06

Thank you. It worked

Anonymous on 2023-04-12 at 16:33

Ran into this today for a user out of the blue. Worked like a charm. Thank you.

H DAr on 2023-06-12 at 10:33

Worked like a treat :)
many thanks

Das on 2023-07-25 at 11:15

The fix really work

Thanks for the assist

Anonymous on 2023-08-09 at 02:39

Thank you – I backed up this portion of the registry and then deleted each GUID one by one. No reboot needed, I was able to join immediately after the keys were removed. There were two GUIDS that I could not delete (access denied) but that didn't seem to create any issues.

Jan on 2023-09-04 at 16:02

***THANKS***

faizan on 2023-09-13 at 01:40

worked

Mark on 2023-11-28 at 09:04

worked for me too. THANKS A LOT!!!

BAL on 2023-12-28 at 22:06

Worked for me today and I, too, had two GUIDs that I didn't have permissions to delete. Didn't seem to matter. No reboot needed. THANK YOU!

Kev on 2024-01-09 at 15:25

If anyone has this issue where 2 cant be deleted, simply change ownership of the keys and then youll be able to delete them.
Reply
- Renzo Geelhoed on 2024-02-29 at 17:06
  
  no need, just leave them and join your device

Martin on 2024-01-11 at 11:25

Worked like a charm!

AnonymousITperson on 2024-01-16 at 23:33

Thank you so much for writing this article – this saved me even in 2024, phew!

Wish Microsoft would get their shit together.

Renzo Geelhoed on 2024-02-29 at 17:04

Yes! Still valid on 29th feb

Ali on 2024-03-12 at 18:06

This worked for me! Thank You.

Karanpreet Singh Bedi on 2024-03-14 at 09:00

This helped. Thank you for sharing this.

Yll on 2024-03-21 at 19:23

Worked like a charm! Thanks man, saved me time.

Mike on 2024-06-26 at 22:25

Worked for me. Thanks.

Molotov on 2024-07-04 at 17:08

Lifesaver!

Enroll in Azure AD with error 8018000a

The issue

Pre-checks

The fix

26 Comments

Submit a Comment Cancel reply

Search

Share this!

Articles

Topics