Something Went Wrong the User is Not Authorised to Enroll
I’ve been rolling out a setup of intune to a client for about 30 machines, during the migration they are configuring the machines off site and using a single account to register the devices in Azure and then intune via AutoPilot.
After they had did a handful of devices they received the following error:
Something went wrong. This user is not authorized to enroll. You can try to do this again or contact your administrator with the error code 801c0003.
Now as they had already registered a few devices I was pretty sure that the issue was because they where using a single account to register devices in Azure AD, with AutoPilot configured to auto enroll devices they will have hit the default limit of 5 fairly quick. To resolve this we can increase the limit as seen below. Additionally I’ve listed other issues that may cause this.
Increase Intune Device Limit
- Log into the Azure Portal
- Click search and enter intune
- Select intune
- Select Enrollment Restrictions
- Select Properties
- Change Device Limit Restrictions to chosen value
Other Causes of the 801c0003 Error
As mentioned, there a other issues that may generate this error as seen below:
Devices no longer used
You r user may of hit the 5 limit threshold but no longer have the device, we can remove with the following.
- In the Azure Portat select > Azure Active Directory > Devices.
- Locate the Device and select
- Delete the device
Does the User have Permissions to Enroll
The user in question may not have the relevant permissions or be in the correct group to enroll a device. If you have Auto Pilot enable make sure the user is in the relevant auto Pilot Group.
- In the Azure Portal select > Azure Active Directory > Device enrollment – Windows enrollment > Deployment Profiles
- Select the profile
- Select Properties
- Select Assignements
- Ensure user is assigned or in correct group.
We can also check the user is in MDM scope with the following:
- In the Azure Portal select > Azure Active Directory > Mobility (MDM and MAM) > Microsoft Intune
- Check the scop, Either None, Some or All will be slected
- Add the user or group if required.
Tags: intune