Intune connector troubleshooting Further Information: There is a Domain Join Profile assigned to these devices and in the profile the blob fails with 0x8ffffff. Technical content to troubleshoot issues in Microsoft Intune Mar 3, 2025 · To support your use of certificates with Intune, you can install the Certificate Connector for Microsoft Intune on any Windows Server that meets the connector prerequisites. Whether you’re dealing with device enrollment failures, policy misapplications, or app deployment issues, effective troubleshooting is critical to maintaining a smooth user experience and secure environment. However, the device that has the connector installed was unable to pick up any logs for ODJ connector service. Jan 31, 2022 · The user who is installing the Intune connector for active directory should have the necessary permission on the OU. Be sure to verify the device registration by using the Get-MgDevice cmdlet. The same connector May 29, 2025 · General Device enrollment Intune connector Successfully configured the Microsoft Entra hybrid joined devices. Feb 11, 2025 · Starting with version 6. In this post, I Jun 3, 2025 · Stay updated on the latest Security Update for the Microsoft Intune Connector for Active Directory and enhance your Intune management today! Apr 16, 2025 · I'm currently setting up Microsoft Intune Certificate Connector for SCEP integration, and I'm stuck at the Azure AD sign-in step during installation. Jul 17, 2025 · Alternatively, in Apps & Features, find Microsoft Edge WebView2 Runtime and use the "Repair" option. Jun 11, 2025 · For more information: Windows Autopilot user-driven Microsoft Entra hybrid join - Step 2 of 10 - Install the Intune Connector for Active Directory | Microsoft Learn Microsoft Intune Connector for Active Directory security update | Microsoft Community Hub Windows Autopilot troubleshooting FAQ | Microsoft Learn Feb 11, 2025 · Troubleshoot the Microsoft Intune certificate connector by reviewing Event IDs and descriptions, and review diagnostic codes for the Intune connector service. For a complete article list, browse the navigation pane on the left, or use the search box to help find specific issues and solutions. Some devices have installed the app, but others encounter a fatal error during installation (0x80070643). The Intune Connector for Active Directory originally logged in the Event Viewer directly under Applications and Services Logs in a log called ODJ Connector Service. You can check ity’s health status. Oct 6, 2022 · Hi All, I’m trying to get intune connector up and running, from one of DC servers, however, I’m coming across connectivity issues. Feb 11, 2025 · Fixes an unexpected error problem that occurs when you sign in to Intune Connector for Active Directory. In this article, we’ll break down 10 essential Intune troubleshooting tips every […] 6 days ago · I'm getting errors on all my devices via intune , almost with all apps. After the validation, NDES contacts the Jun 3, 2025 · Microsoft Intune is a powerful platform for managing devices, apps, and security policies across your enterprise. These events log successes and failures of an operation, and also contain diagnostic codes with messages to help the IT admin Microsoft Intune troubleshooting This documentation gives troubleshooting guidance to help you diagnose and fix issues that you might encounter when you use Microsoft Intune. May 23, 2022 · After doing some troubleshooting and research, the Intune Connector will look for this container by its well-known GUID and place the Intune Connector managed service account in that container. The Intune Certificate Connector supports the deployment of SCEP, PKCS, PKCS imported certificates, or any combination of these. Aug 2, 2022 · @PT Maliborski , From your description, it seems the Intune connector for AD on windows server 2022 has no log and client can't connect to it. I tried this with Brand New Devices and Virtual Machines none of them working. Learn how to fix PKCS certificate revocation issues in Intune with a detailed guide on troubleshooting and best practices for deployment. Feb 11, 2025 · This article gives guidance to help you validate and troubleshoot operation of the Network Device Enrollment Service (NDES) policy module that installs with the Microsoft Intune Certificate Connector. However, it covers some of the more common problems administrators will likely encounter. When NDES receives a request for a certificate, it forwards the request to the policy module, which validates the request as valid for the device. Please if anyone has ANY ideas on where to start for this please let me know. In this post, Anzio goes through the entire process of setting up the PKCS certificate infrastructure and assigning PFX certificates to Intune client devices, including detailed insight into the happenings under the covers and tips for troubleshooting should you encounter any Nov 11, 2021 · Deploying user or device authentication certificates to support Always On VPN requires installing the Certificate Connector for Microsoft Intune. - What is Microsoft Entra Connect and Connect Health. Ideally you want your Intune OBJ connector installed on your primary DC because this takes so much hassle out of network troubleshooting. To strengthen security in our customers’ environments, we’ve updated the Intune Connector for Active Directory to use a Managed Service Account (MSA) instead of a SYSTEM account. Currently Intune Connector is setup on 2 Devices which are both completly silent in the eventlog. Feb 11, 2025 · Troubleshoot the configuration of and issues related to the Intune on-premises Exchange Connector. exe). In the table below most common steps involved are listed in chronological order. Nov 9, 2022 · The Intune Connector has been installed and is currently active. Jul 11, 2025 · By: Arpit Sinha | Support Escalation Engineer – Microsoft Intune The purpose of the Microsoft Intune Connector for Active Directory, also known as the Offline Domain Join (ODJ) Connector, is to join computers to an on-premises domain during the Windows Autopilot process with the device ultimately becoming Microsoft Entra hybrid joined after the user logs into the device for the first time Troubleshoot managed device to NDES server communication when using Simple Certificate Enrollment Protocol (SCEP) certificate profiles to deploy certificates with Intune. 1806. Anyone have any ideas? this is driving me nuts! haha. Support Escalation Engineer and certificate expert Anzio Breeze. Mar 14, 2025 · Troubleshoot error when you sign in to Intune Connector for Active Directory - Intune Fixes an unexpected error problem that occurs when you sign in to Intune Connector for Active Directory. - Microsoft Entra ID | Microsoft Learn Configure Automatic Enrollment in Intune (what Intune license do you have Intune Connector for Active Directory is inactive but still appears in the Intune Connector for Active Directory page Inactive Intune Connectors for Active Directory will be automatically cleaned up after 30 days of inactivity without admin interaction. If you did not know this, the account entered in the Intune Connector is used to revoke certificates enrolled by the Registration Authority (NDES), but it is optional. Jul 20, 2020 · The ODJ connector picks up the ODJ request from the Intune service (it polls Intune looking for requests). I Installed with an Intune Administrator Account with a Intune license, and a Service Account that has permissions to run as a Service and has permissions to the Certs on the CA Intune says "error" but I do not see any errors in the event log on the Certificate Connector Server. Feb 24, 2025 · By staying informed and prepared, you can ensure that your organization enjoys the full benefits of Windows Autopilot and Microsoft Intune, making device management a smoother and more reliable experience for everyone involved. Good luck! May 12, 2021 · Intune Connector account There is an advanced option to add a specific service account during the installation of the Intune connector. The Certificate Connector Server Aug 11, 2021 · Intune uses many different data stream actions and you can pick one to troubleshoot. Apr 2, 2025 · I'm attempting to install and enrol the Intune Connector for AD on a member server in our domain. May 2, 2017 · Troubleshooting Troubleshooting Intune Certificate Connector can be challenging. In this blog post, I will guide you through a troubleshooting process, providing useful tips for each component. Jul 12, 2020 · There are two additional lines at the bottom, which indicate that the device has already received an offline domain join blob (a good sign that your ODJ Connector processed a request, created a computer account, provided the details to Intune, and then that the device received those details from Intune), and that the new “Skip connectivity Nov 27, 2023 · The Microsoft Intune Certificate Connector enables the provisioning and de-provisioning of on-premises PKI certificates for Intune-managed devices. Apr 4, 2025 · Below are a few troubleshooting steps I would suggest/confirm: Azure AD Connect: Do you have Azure AD Connect set up? This would automatically sync your on-prem objects from AD to Azure AD. . Feb 11, 2025 · This article provides a solution for the issue that the Intune Connector for Active Directory doesn't appear after it is installed in Microsoft Intune. However, after successfully installing, I was unable to Sign In. If Domain and OU-based filtering is configured as part of Microsoft Entra Connect, ensure that the default organizational unit (OU) or container intended for the Windows Autopilot devices is included in the Feb 27, 2025 · Updated connector Today, Windows Autopilot uses the Intune Connector for Active Directory to deploy devices that are Microsoft Entra hybrid joined. Feb 11, 2025 · This article provides a solution for the issue that the Intune Connector for Active Directory doesn't appear after it is installed in Microsoft Intune. This just broke on me and I have no lead as to what may have caused this. May 2, 2019 · Hello everyone, today we have a post from Intune Sr. The Intune service requests that the on-premises Intune Certificate Connector create a new certificate for the user. On server (DC with OBJ connector installed) and client machine (Windows 10 device): Use the below commands to clear the cache: Client : (Run from an administrative command prompt) – ipconfig /flushdns Apr 27, 2021 · This did not work, despite everything being set up correctly / identically. Picking ‘mobiledevices’ data stream action from the list of actions will be a good one to start. But like any complex service, it can present challenges. Happy troubleshooting! trueI have the Intune Certificate Connector installed and my certs setup in my CA. Feb 11, 2025 · Troubleshoot the Microsoft Intune certificate connector by reviewing Event IDs and descriptions, and review diagnostic codes for the Intune connector service. Jul 12, 2020 · There are two additional lines at the bottom, which indicate that the device has already received an offline domain join blob (a good sign that your ODJ Connector processed a request, created a computer account, provided the details to Intune, and then that the device received those details from Intune), and that the new “Skip connectivity Jan 29, 2024 · Troubleshooting in an Intune environment can be challenging, as it is often unclear where to find the right logs and information. Mar 24, 2025 · In this blog post, we’ll walk you through updating your Intune Connector for Active Directory from using a system account to a MSA account. Microsoft establishes as prerequisite; the user account must be created from the on-prem AD environment, then it must be synchronized to the Azure AD environment. Nov 13, 2025 · Microsoft Intune troubleshooting allows businesses to discover and resolve specific issues, such as compliance or authorization problems. Use these events to help troubleshoot potential issues in the configuration of the Intune Certificate Connector. This article also explains how to modify a previously installed connector, and how to remove the connector from a server. Uninstall the connector, then reinstall it following Microsoft’s guidance for your environment. Dec 27, 2024 · There's one limitation to configure the Intune Certificate Connector, when the Azure AD user account is directly attached on the Certificate connector on a mixed environment (On-prem Active Directory / Azure Active Directory). Understanding the process and autonomy gives you a good starting point to successfully determine the issue or even solve your problem. The Certification Feb 11, 2025 · Troubleshoot the use of SCEP by devices to request certificates for use with Intune, including communication from devices to Network Device Enrollment Service (NDES), NDES to certification authorities, and from the Intune Certificate Connector to the Intune service. Jan 8, 2025 · I am very new at Intune and picked up this environment from a team that left a few months ago, so it is a miracle I have gotten this far by myself, but now I am at a complete loss. Feb 7, 2020 · I mean here: Troubleshooting NDES configuration for use with Microsoft Intune certificate profiles. This page lists recent known issues with Microsoft Intune. If it finds a request, it will attempt to create an Active Directory object in the specified domain and OU using the naming prefix specified (all from that Domain Join profile). May 6, 2025 · Microsoft Intune has become a critical tool for managing modern workplaces — but even seasoned admins run into frustrating issues. However, logging for the Intune Connector for Active Directory has since moved to the path Applications and Services Logs > Microsoft > Intune > ODJConnectorService. ” The customer has Microsoft 365 A5 for Faculty, which should include Intune Plan 1 and the Microsoft Defender for Endpoint licence. An Admin creates a PKCS certificate profile in Intune. The following sections help you install and then configure the connector. From device sync failures to app deployment problems, knowing how to troubleshoot Intune efficiently can save hours of work and boost user satisfaction. x. May 24, 2023 · Intune Certificate Connector Configuration Failed The Microsoft Intune Certificate Connector must be deployed on-premises to provision and manage enterprise PKI certificates using Intune. Watch as I demonstrate how this fix resolves the sign-on issue, allowing seamless configuration of the Intune Connector and Managed Service Account. Uninstall and Reinstall Intune Connector: Ensure you have the latest version from the Intune portal. The server had the legacy connector installed and running successfully and I've uninstalled before downloading and installing the update… 5 days ago · I tried toggling the Microsoft Intune Connector off and on multiple times; at one point, after turning it off, I received the message “A Microsoft Intune license was not found. For a list of weekly feature announcements, see What's new in Microsoft Intune in the Intune product documentation. While not a deep dive, these handy tips and tricks will help set you on the right path. Also, did you know that hidden in the GitHub repo for Intune Graph API sample scripts there is a PowerShell script you can run to validate your NDES configuration to ensure it aligns with the steps in the above link? Pretty cool eh? Apr 10, 2024 · Configuring Microsoft Intune Certificate Connector Failed? Here's an easy fix: Just run the configuration wizard as administrator! Feb 11, 2025 · The following graphic provides a basic overview of the PKCS certificate deployment process in Intune. Happy for any Help. I personally ran into this and spent some time troubleshooting in my own test environment. Feb 11, 2025 · Troubleshoot the reporting by NDES and the Intune Certificate Connector about a successful deployment of certificates that were provisioned with SCEP certificate profiles. Always On VPN administrators using Intune to depl… Jan 29, 2024 · Troubleshooting in an Intune environment can be challenging, as it is often unclear where to find the right logs and information. Feb 11, 2025 · This article gives troubleshooting guidance for several common issues when deploying Public Key Cryptography Standards (PKCS) certificates in Microsoft Intune. Before troubleshooting, ensure you've completed the following tasks, as explained in Configure and use PKCS certificates with Intune: Apr 25, 2021 · Installing the Intune Connector for Active Directory is a straight forward process that completes very quickly. Once the installation is complete it will create MSA which will the same right on that OU once we add the distinguished name of the OU in the config file. Oct 30, 2018 · First published on TechNet on Jul 31, 2018 By Iain Greer | Intune Software Engineer In this support tip, we share details about a common problem that customers run into when setting up or continuing to run the NDES connector. I seems to be struggling to reach Azure, despite having firewall rule applied to allow all traffic to the endpoints listed on the microsoft articles regarding intune connector, implementation. Issue Mar 22, 2023 · Mit dem runderneuerten „Certificate Connector for Microsoft Intune“, auch bekannt als „Microsoft Intune Certificate Connector“ hat sich… Moment, denkt hier noch jemand bei dieser kreativen Namensgebung an… Feb 11, 2025 · Resolves an issue in which the Microsoft Intune Connector Setup Wizard ends prematurely when you install the Intune Certificate Connector (NDESConnectorSetup. Jun 24, 2024 · Summary This article is not a comprehensive troubleshooting guide for problems associated with failed PKCS certificate deployment using the Microsoft Intune Certificate connector and PKCS. x, the Intune Connector Service logs events in the Event Viewer (Applications and Services Logs > Microsoft Intune Connector). The Intune Certificate Connector sends a PFX Blob and Request to your Microsoft Certification Authority. If there's any misunderstanding, please let us know. Learn how to download, install, and troubleshoot the MS Intune Connector for Active Directory to fix common issues and improve network performance. Troubleshooting It is useful to know that on PFX connector servers, the directory where certificate requests from Intune are processed Microsoft Intune admin center allows you to manage devices, apps, and users securely and efficiently. Visit the Intune Customer Success blog for posts about best practices, support tips, and other tutorials, and a backlog of past known issues. ejcxta zdyfozu nzyg jxq xiycxw vndxrk nzn nbbfpa kpid mdosg urkg vsumqfz ola hqzyj drnaw