How many devices do you have registered to your regular account, and are other users getting this same issue or just you? I can get this from time to time if I have been lax about clearing out test device records and I reach the enrollment quota on my primary account.
How many devices do you have registered to your regular account, and are other users getting this same issue or just you? I can get this from time to time if I have been lax about clearing out test device records and I reach the enrollment quota on my primary account.
Good thought and thanks for chiming in so quickly, but I did clear out devices, worried about this exact issue first. Our org also has set a manual limit to, like, 100 devices or something, so, SO FAR it's not a device limit issue. But that's absolutely a good place to start, thank you!
How many devices do you have registered to your regular account, and are other users getting this same issue or just you? I can get this from time to time if I have been lax about clearing out test device records and I reach the enrollment quota on my primary account.
Also, to answer the rest of your question, yes. It's universal across the folks I have testing in IT at least. Our standard account is unable to get past that error and our Admin accounts work perfectly.
Hi there
This is always a hard one as everyone has slight variations in their company config. From a permission perspective we really did not have to do anything special with our users. Just adjust a few scopes and tweak a few CAs.
A few questions, for the other accounts you are trying to register with.
Are the users in scope for device compliance on your Compliance Partner in Intune?
Do you have any Conditional Access policies that may block a standard user from reaching "User Registration App for Device Compliance" in Azure/Entra?
Are the devices in scope for Device compliance?
Confirm the user you are doing the registration under is in the right Azure groups that's scoped on your Jamf Partner Device connector.
Please ensure that users are not scoped to both the Partner Device Management and Partner Compliance management modules. Users should be scoped to either of these modules.
Hi there
This is always a hard one as everyone has slight variations in their company config. From a permission perspective we really did not have to do anything special with our users. Just adjust a few scopes and tweak a few CAs.
A few questions, for the other accounts you are trying to register with.
Are the users in scope for device compliance on your Compliance Partner in Intune?
Do you have any Conditional Access policies that may block a standard user from reaching "User Registration App for Device Compliance" in Azure/Entra?
Are the devices in scope for Device compliance?
Thanks for the response, yes to the first and last questions and I have our security guys taking a look at the middle question.
Confirm the user you are doing the registration under is in the right Azure groups that's scoped on your Jamf Partner Device connector.
Yep, we have it scoped to our equivalent of an "active employees" group in AD. And I'm definitely a member of that group as scoping things to that group has workedd in the past, but it was worth checking.