EmilK (posted June 7)

Hi,

Problem statement: Autopilot or Microsoft Entra Enrollment are not working. Users are able to sign in on Microsoft 365 Apps, e.g. Word, Outlook, etc. though.

Errors:

- Users are hit with a Workspace ONE UEM error: User not found.
- Upon mousing over Enrollment Support, these are generic support values for email and phone, e.g. company@company.com
- Upon clicking Exit, users are met with a Microsoft error: It looks like we can't connect to the URL for your organisation's MDM terms of use. Error: unauthorized_client.

Troubleshooting steps taken:

1. Triple-checked that the Mobility App AirWatch by VMware has the correct values in MDM discovery URL and MDM terms of use URL respectively.
2. Checked the immutable ID - ObjectGUID is correctly defined across Active Directory, Workspace ONE UEM and Workspace ONE Access.
3. Verified setup as per the documentation: https://techzone.omnissa.com/enrolling-windows-devices-using-azure-ad-workspace-one-uem-operational-tutorial I do not have premises MDM application under Add Application.
4. Checked device registration limits in Intune + Workspace ONE UEM.
5. Checked the successful login logs from Workspace ONE Access and Microsoft Entra ID. Both reporting success.

To me, it seems like the final registration of the device in Workspace ONE UEM; but I'm lost here... And don't know how to confirm that?

Mikhail (posted June 19)

This sounds like user provisioning in UEM ... how have you configured user provisioning - ACC, just-in-time from Access etc?

Sascha Warno (Employee, posted June 19)

@EmilK what is your UEM environment? Is this a shared SaaS? Usually the error is different, but your env needs to be added to the AirWatch by VMware app if it's a newer shared or dedicated SaaS. We won't add On Premises MDM there.

Other points: how do you authenticate into Entra ID? How do you sync users into UEM? Is the ImmutableID/AAD mapping attribute in UEM set as String or Binary?

Mikhail (posted June 19)

By the way - can you enroll iOS or Android devices?

EmilK (Author, posted June 19, marked as Solution)

We had to delete the VMWare by Airwatch Mobility App in Azure AD and add it again. Then, I was asked to accept the permissions required for the app as an admin. Luckily, nothing broke 🙂
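
For the immutable ID check listed in the first post and the String/Binary question in Sascha Warno's reply, one way to compare the identifier across systems is to normalise every representation to the same GUID first. This is an added example, not code from the thread or from Omnissa or Microsoft; it assumes the ImmutableID is derived from objectGUID as the first post states, and the system names, export encodings and sample values are constructed.

```python
import base64
import uuid

def to_guid(value: str, encoding: str) -> uuid.UUID:
    """Normalise one stored identifier: 'guid' (AD objectGUID string),
    'base64' (ImmutableID form) or 'hex' (the raw 16 bytes written as hex)."""
    if encoding == "guid":
        return uuid.UUID(value)
    if encoding == "base64":
        raw = base64.b64decode(value, validate=True)
    elif encoding == "hex":
        raw = bytes.fromhex(value)
    else:
        raise ValueError(f"unknown encoding: {encoding}")
    if len(raw) != 16:
        raise ValueError(f"expected 16 bytes, got {len(raw)}")
    # AD stores the first three GUID fields little-endian; bytes_le matches that.
    return uuid.UUID(bytes_le=raw)

def immutable_id(object_guid: str) -> str:
    """Base64 of the raw objectGUID bytes, i.e. the ImmutableID form."""
    return base64.b64encode(uuid.UUID(object_guid).bytes_le).decode("ascii")

def compare(records: dict) -> dict:
    """Diagnose every system's value against the 'ad' record."""
    ref = to_guid(*records["ad"])
    result = {}
    for system, (value, encoding) in records.items():
        if system == "ad":
            continue
        got = to_guid(value, encoding)
        if got == ref:
            result[system] = "match"
        elif got.bytes_le == ref.bytes:
            # Same object, but the bytes were written in big-endian field order.
            result[system] = "byte-order mismatch"
        else:
            result[system] = "different object"
    return result

# Constructed sample values for one user (not taken from the thread).
SAMPLE = {
    "ad": ("3f2504e0-4f89-11d3-9a0c-0305e82c3301", "guid"),
    "entra": ("4AQlP4lP0xGaDAMF6CwzAQ==", "base64"),
    "uem_export": ("3f2504e04f8911d39a0c0305e82c3301", "hex"),  # hypothetical export
}

if __name__ == "__main__":
    for system, verdict in compare(SAMPLE).items():
        print(f"{system}: {verdict}")
```

A "byte-order mismatch" verdict means two systems hold the same object but serialised its GUID differently, which a plain string comparison would report as a different user.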