Question fréquemment posée

Azure AD join error code 8018000a – This device is already enrolled
Dernière mise à jour il y a 2 ans



image

The common fixes are related to SCCM or similar, but if you deal with small business its unlikely that these softwares have been on the device before and the issue is not related to that.

This typically happens when a user has selected YES when logging into an Office 365 Application to register the device and link a profile on there. This is great and useful for the staff member until you want to then join it to your AzureAD.

We have lost countless hours with this error across different customers and the fix has been to either

  1. Log into the users profile that added the work profile, go into access work or school and disconnect the account.
    This is horrible and sucks if multiple people use that computer
  2. Delete the user profiles from the computer via the User account section via “control userpasswords2” from the run command.
    An option, but then you also lose all the user accounts and info on the computer

After many lost hours, we have finally found a solution to this problem. We have found the relevant information that has the device linked up and have created an easy powershell script to clear out the information for you WITHOUT deleting any user accounts/profiles and allow you to get the device AzureAD Joined.

Where is the info stored?

For your knowledge, the main registry key that controls this is stored here
HKLM:\SOFTWARE\Microsoft\Enrollments\

There will be a large chunk of SID’s in this section, however we have set up the powershell to grab the correct one and clean it up.
The second place is in scheduled tasks. We also need to clean up its tasks and remove the folder.

\Microsoft\Windows\EnterpriseMgmt\

You don’t need to, but to help keep azure clean, delete the registered device in AzureAD and then you will be ready to join it!

The Fix!

I have shared the powershell script below that we have created. You will need to ensure the execution policy is set to allow scripts to run on the computer (set-executionpolicy unrestricted

Simply copy the powershell script below and save it. It needs to be run from a powershell as administrator prompt.

Download Fix Script

Pièces jointes:

Veuillez patienter!

S'il vous plaît patienter... il faudra une seconde !