Well, let’s find out what could be one of the reasons for the Intune error Server Returned Fault Code Subcode Value DeviceNotSupported. The error includes the following details as well “Server Returned Fault/Code/Subcode/Value=(DeviceNotSupported) Fault/Reason/Text=(OS Version 10.0.19041.0 lower than 10.0.19041.330).”
This is one of the errors which you want to happen for your users when required! Surprised! Well, read on! Let me help you to find more details about the enrollment error.
Intune Enrollment Restriction Policies
Let’s understand what is Intune enrollment restriction policies. There are two types of enrollment restriction of policies and then there is a priority setting! More details https://docs.microsoft.com/en-us/mem/intune/enrollment/enrollment-restrictions-set.
- Device Type
- Device Limit
- Device Type Restrictions are there to restrict/prevent users from enrolling in particular types of devices into MDM (NOT MAM!).
- These enrollment restriction policies are NOT applicable for MAM enrollments.
- These enrollment restriction policies are NOT applicable to the Azure AD Registration process on Windows 10 devices.
Enrollment Restriction Based on Windows 10 Version
NOTE! – The following policy configuration is deployed to the user who is going to enroll a Windows 10 2004 version device to Intune MDM. More details 👉https://www.anoopcnair.com/block-personal-windows-devices/
- Intune gives control to the MDM enrollment of Windows 10 based on the version.
- The version control is based major.minor.build.rev.
- I used the Minimum version configuration using the following option Allow min/max range:
- major.minor.build.rev for 1909= 10.0.18363.900
- major.minor.build.rev for 2004= 10.0.19041.329
Try Enrolling – Server Returned Fault Code
- + Connect option might work fine for the Azure AD Registration scenario even though you have Device Type Restriction and blocked Windows 10 personal devices from enrolling in Intune MDM. More details about this option here.
- I get the following error in the event log – Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin
- The minimum version of Windows 10 allowed to enroll into Intune MDM is 10.0.19041.330. But, the version of Windows 10 which I tried to enroll was 10.0.19041.0.
Event Logs
Let’s check the event log errors when you configure device type restriction policy for Intune MDM enrollment restrictions.
Event ID 52 - MDM Enroll: Server Returned Fault/Code/Subcode/Value=(DeviceNotSupported) Fault/Reason/Text=(OS Version 10.0.19041.0 lower than 10.0.19041.330). Event ID 59 - MDM Enroll: Server context (35b07916-950b-4c61-bb38-0430f8a17181). Event ID 11 - MDM Enroll: Failed to receive or parse certificate enroll response. Result: (Unknown Win32 Error code: 0x80180014). Event ID 71 - MDM Enroll: Failed (Unknown Win32 Error code: 0x80180014)
Resources
- 📌Intune Enrollment restriction – https://docs.microsoft.com/en-us/mem/intune/enrollment/enrollment-restrictions-set
- 📌Priorities – https://docs.microsoft.com/en-us/mem/intune/enrollment/enrollment-restrictions-set
- 📌Windows 10 Build numbers https://www.anoopcnair.com/windows-10-build-numbers-version-numbers/
- 📌Enrollment Restriction Policies Device Type and Device Limit policies – https://www.anoopcnair.com/block-personal-windows-devices/