Well, let’s find out what could be one of the reasons for the Intune error Unknown Win32 Error code 0x80180014. The error also includes the following detail: “Failed to Receive or Parse Certificate Enroll Response.” This is one of the errors you actually want your users to hit when required! Surprised? Well, read on!
Intune Enrollment Restriction Policies
Let’s understand what Intune enrollment restriction policies are. There are two types of enrollment restriction policies, and then there is a priority setting! More details: https://docs.microsoft.com/en-us/mem/intune/enrollment/enrollment-restrictions-set.
- Device Type
- Device Limit
- Device Type Restrictions are there to restrict/prevent users from enrolling particular types of devices into MDM (NOT MAM!).
- These enrollment restriction policies are NOT applicable for MAM enrollments.
- These enrollment restriction policies are NOT applicable to the Azure AD Registration process on Windows 10 devices.
NOTE! – The following policy configuration is deployed to the user who is going to enroll a Windows 10 2004 version device to Intune MDM. More details 👉https://www.anoopcnair.com/block-personal-windows-devices/
- I have configured the following configuration as per the above blog post to block Windows 10 personal devices.
- The + Connect option might work fine for the Azure AD Registration scenario even though you have a Device Type Restriction that blocks Windows 10 personal devices from enrolling in Intune MDM. More details about this option here.
Intune MDM Enrollment from Windows 10 Personal Device
I’ve configured MDM auto-enrollment from Intune. As per my understanding, this is applicable only for Azure AD joined devices and personal devices are always Azure AD registered devices. Hence MDM auto-enrollment policies are not applicable there. Let me know in the comments if this understanding is wrong!
Let’s try to understand the Intune MDM Enrollment from Windows 10 Personal Device. There are many ways to enroll a device into MDM management using Intune.
Unknown Win32 Error code 0x80180014
The user got the following error when he tried to perform “Enroll Only into MDM” from Settings 👉 Accounts 👉 Access work or school options on a Windows 10 2004 version device.
This error is expected if the user who tried to enroll the device is part of the Intune Device Type Restriction policy where personal device enrollment is BLOCKED. More details 👉https://www.anoopcnair.com/block-personal-windows-devices/
Let’s check the event logs to understand the error “Failed to receive or parse certificate enroll response. Result: (Unknown Win32 Error code: 0x80180014).”
- Event Logs Entries 👉 Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin.
- Event IDs are 55, 71, 11, 52, and 59
📌MDM Enroll: Authentication successful: Got token from STS.
📌MDM Enroll: Certificate enrollment request sent successfully.
📌MDM Enroll: Server context (5748f3f6-a165-4da6-9336-9dc6f07a6273).
📌MDM Enroll: Server Returned Fault/Code/Subcode/Value=(DeviceNotSupported) Fault/Reason/Text=(Device Identifier not preregistered).
📌MDM Enroll: Failed to receive or parse certificate enroll response. Result: (Unknown Win32 Error code: 0x80180014).
📌MDM Enroll: Failed (Unknown Win32 Error code: 0x80180014)
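As an added example (not from the original post or from Microsoft), this PowerShell function pulls the server fault and the result code out of the MDM Enroll event messages above and flags the combination this post attributes to a Device Type Restriction block. The function name `Get-MdmEnrollFault` and its output fields are assumptions; the sample messages are the ones quoted above.

```powershell
# Added example: the name Get-MdmEnrollFault and its output fields are assumptions.
function Get-MdmEnrollFault {
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [AllowEmptyString()]
        [string]$Message
    )
    begin { $fault = $null; $reason = $null; $code = $null }
    process {
        # Fault returned by the enrollment service (server side).
        if ($Message -match 'Fault/Code/Subcode/Value=\((?<sub>[^)]+)\)\s*Fault/Reason/Text=\((?<txt>[^)]+)\)') {
            $fault = $Matches['sub']; $reason = $Matches['txt']
        }
        # Result code logged by the client; the last one seen wins.
        if ($Message -match 'Win32 Error code:\s*(?<hex>0x[0-9a-f]{8})') {
            $code = $Matches['hex'].ToLowerInvariant()
        }
    }
    end {
        # The pairing this post ties to a Device Type Restriction that blocks
        # personal devices: 0x80180014 together with DeviceNotSupported.
        $blocked = ($code -eq '0x80180014') -and ($fault -eq 'DeviceNotSupported')
        $cause = if ($blocked) {
            'Consistent with a Device Type Restriction blocking personal enrollment'
        } else {
            'No match for the restriction pattern; review the full event sequence'
        }
        [pscustomobject]@{
            ResultCode   = $code
            FaultSubcode = $fault
            FaultReason  = $reason
            Assessment   = $cause
        }
    }
}

# Sample input: event messages quoted in this post.
$sample = @(
    'MDM Enroll: Authentication successful: Got token from STS.'
    'MDM Enroll: Certificate enrollment request sent successfully.'
    'MDM Enroll: Server Returned Fault/Code/Subcode/Value=(DeviceNotSupported) Fault/Reason/Text=(Device Identifier not preregistered).'
    'MDM Enroll: Failed to receive or parse certificate enroll response. Result: (Unknown Win32 Error code: 0x80180014).'
)
$sample | Get-MdmEnrollFault

# On the affected device, feed the live log instead (event IDs as listed in this post):
# Get-WinEvent -FilterHashtable @{ LogName = 'Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin'; Id = 55, 71, 11, 52, 59 } |
#     Sort-Object TimeCreated | Select-Object -ExpandProperty Message | Get-MdmEnrollFault
```

When run against the live log, the function summarises every enrollment attempt in the log as one result, so narrow the time range first if the device has been enrolled more than once.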
- 📌Intune Enrollment restriction – https://docs.microsoft.com/en-us/mem/intune/enrollment/enrollment-restrictions-set
- 📌Priorities – https://docs.microsoft.com/en-us/mem/intune/enrollment/enrollment-restrictions-set
- 📌Windows 10 Build numbers https://www.anoopcnair.com/windows-10-build-numbers-version-numbers/
- 📌Enrollment Restriction Policies Device Type and Device Limit policies – https://www.anoopcnair.com/block-personal-windows-devices/