Let’s check how you can fix Something went wrong Error 801c0003, and referring troubleshooting steps to help resolve an issue where a user is not authorized to enroll their Windows device.
The error Something went wrong Error 801c0003, here I came across when trying to initiate Windows Autopilot user driven process. After connecting to a network, The user is prompted for Azure AD credentials and signed in with corp credentials.
There are different methods to enroll Windows 11 PCs in Intune. You can use MDM auto-enrollment option from Azure AD to automatically register Azure AD joined Windows 10/11 PCs. You can also use Intune Group policy to enroll Hybrid Azure AD joined devices to Intune automatically.
If you want to connect your Windows 10 or 11 to your work or school account using Azure Active Directory (AAD), fail to connect the machine using an AAD account. In this case, Users received It Looks like we can’t connect to the URL for your organization’s MDM terms of use message.
- Windows Autopilot Troubleshooting – Beginners Guide
- FIX Intune Windows Enrollment Invalid_Client Error
Intune Enrollment Something went wrong Error 801c0003
When attempting to authenticate when setting up a device in OOBE or joining the device from settings options, you might get the Something went wrong prompt also, when a user tries to enroll a Windows device, they see one of the following error messages:
Error 0x801c003: “This user is not authorized to enroll. You can try to do this again or contact your system administrator with the error code (0x801c0003).”
Error 80180003: “Something went wrong. This user is not authorized to enroll. You can try to do this again or contact your system administrator with error code 80180003.”
These errors can result from any of the following conditions:
- The user has already enrolled the maximum number of devices allowed in Intune.
- The device is blocked by the device type restrictions.
- The computer is not running supported Windows 10 or 11 edition.
- The Azure AD setting Users may join devices to Azure AD is set to None, which prevents new users from joining their devices to Azure AD. Therefore Intune enrollment fails.
Possible Solutions to Fix Intune Enrollment Something went wrong Error 801c0003
Let’s check how you can validate if the device is blocked by the device type restrictions and make appropriate configuration changes.
Validate Device Enrollment Limit Restrictions
In Intune Portal, Navigate to Devices > Enrollment restrictions, and then select the Default restriction under Device Type Restrictions.
Device Limit restriction is the policy to restrict the number of devices a user can enroll in Intune. The default value of Intune device limit restriction is five(5). The maximum value of Intune device limit is fifteen(15).
- Default – 5 Devices
- Maximum – 15 Devices
Validate Enrolled Device
If your user has reached the maximum number of allowed devices, use these steps to remove unused devices.
- Sign in to the Microsoft Intune admin center. Navigate to Users > All Users.
- Select the affected user account, and then click Devices.
- Select any unused or unwanted devices, and then click Delete.
Validate Device Type Restrictions
Device TYPE restriction is the policy to restrict or block devices. Under Platforms Settings, review the setting for Windows (MDM). Ensure that Allow is selected.
Important – If the current setting is already Allow, change it to Block, save the setting, and then change it back to Allow and save the setting again. This resets the enrollment setting.
Supported Windows Edition
If the computer is running Windows 10 Home. However, enrolling in Intune or joining Azure Active Directory (Azure AD) is only supported on Windows 10 Pro and higher editions. Upgrade Windows 10 Home to Windows 10 Pro or a higher edition.
Validate User Scope in Azure AD Device Settings
The Azure AD setting Users may join devices to Azure AD is set to None, which prevents new users from joining their devices to Azure AD. Therefore Intune enrollment fails.
Here check or update your Azure AD settings to allow users to join devices.
- Sign in to the Azure portal https://portal.azure.com/ as an administrator.
- Navigate to Azure Active Directory > Devices > Device Settings.
- Set Users may join devices to Azure AD to All. Enroll the device again.
Author
About Author – Jitesh, Microsoft MVP, has over six years of working experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus is Windows 10/11 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.