Windows failed to apply the MDM Policy settings

21/01/2021 2 Comments

Active Directory, Azure

Been debugging like crazy the last day with this symptom:

When you run the gpupdate /force command on a hybrid Azure Active Directory (Azure AD)-joined Windows device that’s enrolled in Microsoft Intune, you receive the following warning message:

Updating policy…

Computer Policy update has completed successfully.

The following warnings were encountered during computer policy processing:

Windows failed to apply the MDM Policy settings. MDM Policy settings might have its own log file. Please click on the “More information” link.
User Policy update has completed successfully.

For more detailed information, review the event log or run GPRESULT /H GPReport.html from the command line to access information about Group Policy.

Should have Googled it though, because this is “Expected behavior” 🙂

Cause

This issue occurs if the Auto MDM Enrollment with AAD Token Group Policy Object (GPO) is applied to the Windows device. In this case, it tries to enroll the device in MDM when you run the gpupdate /force command. Because the device was already enrolled, you receive the warning message.

This behavior is expected. You can safely ignore the warning message.

 

Source: Windows failed to apply MDM Policy settings – Intune | Microsoft Docs

 

🙂

 

Related Posts

2 Comments

  1. Radec

    Hi Martin,

    I have the same error on my client pc’s. I have set the GPO “Auto MDM Enrollment with AAD Token” back to “Not Configured”, but the message is stil lappearing, even for newly installed pc’s.

    How can I get rid of this message?

    Kind regards,

    Radec

    Reply
    1. Martin (Post author)

      Hi, go to trouble shooting here:
      https://docs.microsoft.com/en-us/windows/client-management/mdm/enroll-a-windows-10-device-automatically-using-group-policy

      Find “By default, these entries are removed when the device is un-enrolled, but occasionally the registry key remains even after un-enrollment.” and remove the reg keys shown above (They will have others numbers than you have so take caution 🙂

      Regards Martin

      Reply

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

By continuing to use the site, you agree to the use of cookies. more information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close