Enrolling devices into Intune and & ConfigMgr is normally straight forward until you run into issues. Below is an example where I received an enrollment error (picture 1), clicking Continue leads me to picture 2. As you can see in picture two the Enrollment Update turns from Warning to Checkmark, but only for about 5 seconds then it goes back to a warning.
Troubleshooting mobile devices is slightly different than traditional desktop troubleshooting. The troubleshooting options depends on the device (Android, iOS or Windows). In this example my device was an Android. You can email the log files from the Company Portal’s Settings page.
- In Settings, tap SEND DATA. This launches the device email application and attaches all the log files.
You will receive multiple files from the device
- CompanyPortalX.log. This log file contains a lot of information about the communication between the device and Microsoft Intune.
- Omadmlog.log. OMA-DM is an open mobile standard for managing mobile devices.
- com.microsoft.intune.mam.managedAppName.log. For each managed application, you have a log file with the name of the managed application.
In my case I was having issues enrolling the device and looked at the companyportal.log file from the device.
Notice the error where it says DeviceCapReached.
xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><a:Action s:mustUnderstand="1">DeviceCapReached</a:Action><a:RelatesTo>urn:uuid:0d5a1441-5891-453b-becf-a2e5f6ea3749</a:RelatesTo><ActivityId CorrelationId="86bcba8d-713d-4268-8e67-71d2d1edfb3f" xmlns="http://schemas.microsoft.com/2004/09/ServiceModel/Diagnostics">24adefb9-3a96-4f66-8dbb-ec57a7052cea</ActivityId></s:Header><s:Body><s:Fault><s:Code><s:Value>s:Receiver</s:Value><s:Subcode><s:Value>s:DeviceCapReached</s:Value>
</s:Subcode></s:Code><s:Reason><s:Text xml:lang="en-US">WindowsEnrollmentServiceError</s:Text></s:Reason><s:Detail><WindowsDeviceEnrollmentServiceError xmlns="http://schemas.microsoft.com/windows/pki/2009/01/enrollment" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><ErrorType>AuthorizationError</ErrorType><Message>DeviceCapReached</Message><TraceId>30525159-cff1-4ab0-bf2f-024faffaf3e6</TraceId></WindowsDeviceEnrollmentServiceError></s:Detail></s:Fault></s:Body></s:Envelope>, failureType: DRS WPJ v1.4.0, WorkplaceJoinFailure: null
My problem is that the Azure Active Directory registration device cap has been reached. The default limit is 20 devices (and as I was testing i passed that number). To fix the issue open https://byodtestservice.azurewebsites.net/ and delete the devices that are no longer needed. After that your can enroll new devices.