Troubleshooting pointers on Hybrid Azure Autopilot build


Hi Everyone

Trouble with an Autopilot deployment.

I am seeing errors with app deployments as part of an Autopilot profile which is Hybrid Azure AD joined. The environment is configured with co-management but the devices are new Autopilot builds which have their hashes uploaded by the vendor.

We can confirm all the prerequisites are set up in the environment for HAAJ Autopilot.

Automatic enrolment is set up and the user provisioning the device is within the scope and has an M365 E3 license.

We are testing with a number of devices and all are failing at App 14 to 16.

When collecting the logs and reviewing, we are seeing the following in the IntuneManagementExtension.log:

<![LOG[AAD User check is failed, exception is Intune Management Extension Error.

Exception: Microsoft.Management.Services.IntuneWindowsAgent.AgentCommon.TokenAquireException: Attempt to get token, but failed.

at Microsoft.Management.Services.IntuneWindowsAgent.AgentCommon.IntuneTokenManager.<GetTokenInternalAsync>d__41.MoveNext()

I have reviewed the event viewer logs and IntuneManagementExtension.log where the above is taken from.

Are there any other logs that I should review to help me troubleshoot or, even better, does anyone know what this issue could relate to?

Many Thanks

Answer ( 1 )


    Just an update: I think we know what the issue is. We are seeing errors 304/307 in the event viewer of a failed AP build. It seems to be related to the service connection point configuration, so looking into that.

    The environment does already have an SCP configured but it doesn't match up with the tenant name, so we are making changes to reflect the correct details.

    Plan to rerun the Azure AD Connect wizard again to update the SCP config.

    Best answer
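
One way to check the SCP mismatch described in the answer above, as an added example that is not part of the original thread: it parses the `keywords` values of the device-registration service connection point and compares them with the tenant you expect. The SCP path is the one Microsoft documents for hybrid Azure AD join; the function names, tenant name and tenant ID are assumptions and constructed placeholders.

```powershell
# Added example (not from the thread). Function names are hypothetical;
# tenant values are constructed placeholders.

function Get-ScpKeywords {
    # Reads the hybrid-join SCP from the forest configuration partition.
    # Run on a domain-joined machine with read access to the configuration NC.
    $configNc = ([ADSI]'LDAP://RootDSE').configurationNamingContext
    $dn = "CN=62a0ff2e-97b9-4513-943f-0d221bd30080," +
          "CN=Device Registration Configuration,CN=Services,$configNc"
    $scp = [ADSI]"LDAP://$dn"
    @($scp.keywords)
}

function Test-ScpKeywords {
    param(
        [string[]]$Keywords,          # values of the SCP "keywords" attribute
        [string]$ExpectedTenantName,  # verified domain of the target tenant
        [string]$ExpectedTenantId     # tenant GUID of the target tenant
    )
    $found = @{}
    foreach ($kw in $Keywords) {
        # Each value has the form "name:value"; split on the first colon only.
        $name, $value = $kw -split ':', 2
        if ($value) { $found[$name.Trim()] = $value.Trim() }
    }
    [pscustomobject]@{
        AzureADName = $found['azureADName']
        AzureADId   = $found['azureADId']
        NameMatches = $found['azureADName'] -eq $ExpectedTenantName
        IdMatches   = $found['azureADId'] -eq $ExpectedTenantId
    }
}

# Constructed sample of a stale SCP, so the comparison can be run offline.
$sample = @(
    'azureADName:oldtenant.example',
    'azureADId:00000000-0000-0000-0000-000000000000'
)
Test-ScpKeywords -Keywords $sample `
    -ExpectedTenantName 'contoso.onmicrosoft.com' `
    -ExpectedTenantId '11111111-1111-1111-1111-111111111111'

# Against the live directory, pass (Get-ScpKeywords) as -Keywords instead.
```

If either `NameMatches` or `IdMatches` is false, the SCP points devices at a tenant other than the one expected.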
