Call4Cloud | MMP-C | Autopilot | Device Preparation

Troubleshooting Intune Enrollment: Solving the 0x80180031 MDM Not Configured Error

Patch My Pc | install & update thousands of apps

In this blog, we’ll dive into the common headache of enrolling existing devices to Intune and hitting the 0x80180031 error, often caused by the fact that Mobile Device Management is not configured.

We’ll explore what goes wrong, from MDM scope misconfigurations to missing registry entries, and break down how you can quickly resolve it. Whether you need to check the scope, verify DNS CNAMEs, or run a PowerShell script to set the correct MDM URLs, this guide has you covered to ensure smooth enrollment.

0x80180031

You’re setting up a device for Intune enrollment, everything seems in place, and then bam, you hit the dreaded 0x80180031 error. Event logs (like Event ID 76) tell you MDM isn’t configured. (Mobile Device Management (MDM) is not configured)

Event id 76: 0x80180031 Mobile Device Management (MDM) is not configured)

What’s going wrong? Let’s unravel this mystery and fix the enrollment process.

The error usually indicates a misconfiguration in how the device connects with Intune. Specifically, it’s about missing MDM URLs and some key setup steps in the registry that need to be in place. Here’s how you can get back on track.

Understanding the Setup

When you’re enrolling an existing device into Intune, everything starts with MDM scope. Go into Azure AD and check the scope settings—make sure it’s set to either All users or a specific group (and yes, it must be users, not devices). More often than not, the problem lies here, so double-check this configuration first.

Configuring the MDM scope to all or a certain user group should solve the mdm enrollment issue

But what if the MDM scope checks out? The next culprit might be your DNS CNAME records. These need to be correctly configured, and you can easily verify this in the Intune portal.

checking the cname dns records to make sure the device can enroll

At this point, also ensure that the user attempting to enroll has the proper Intune license assigned and the MDM Authority is set to Microsoft Intune.

Checking the license of the enrolling user to make sure the user is licensed for Intune

As shown below, in our case the MDM Authority is set to Microsoft Intune. If somehow the authority is not set you could check out this blog to set it.

Checking if the mdm authority is set to microsoft Intune

If you’ve made it this far without success, let’s dive a little deeper.

Debugging the Error

When the 0x80180031 error pops up, it essentially tells you the device is missing some key information, specifically, the MDM Enrollment URLs. (MENROLL_E_MDM_NOT_CONFIGURED)

(MENROLL_E_MDM_NOT_CONFIGURED) 0x80180031

These URLs tell the device where to go to complete its enrollment into Intune, and if they’re absent, Intune enrollment is a non-starter.

A useful way to dig into this is to run dsregcmd /status. In the output, you’ll want to pay close attention to the Device Management section.

dsregcmd /status showing the output of the mdmurl and mdmtourl. Those should be configured

If you don’t see any URLs under MDM Enrollment, Terms of Use, or Compliance, that’s your smoking gun.

in this example the mdmurl is empty which is not good

Fixing the Registry

So what do you do? It’s time to fix the registry keys. The missing URLs can be populated by manually adding them under:

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\TenantInfo\YourTenantID

the mdmenrollmenturl should be configured in the registry in the tenantinfo registry key. Dsregcmd /status pulls its informaiton from there

When using dsregcmd /status, that command would check those registry keys. If they aren’t defined, this will result in the error you’re seeing. Luckily, you can resolve this by running a PowerShell script that will fill in the correct URLs:

$key = 'SYSTEM\CurrentControlSet\Control\CloudDomainJoin\TenantInfo*'

$keyinfo = Get-Item "HKLM:$key"

$url = $keyinfo.name

$url = $url.Split("\")[-1]

$path = "HKLM:\SYSTEM\CurrentControlSet\Control\CloudDomainJoin\TenantInfo$url"

New-ItemProperty -LiteralPath $path -Name 'MdmEnrollmentUrl' -Value 'https://enrollment.manage.microsoft.com/enrollmentserver/discovery.svc' -PropertyType String -Force -ea SilentlyContinue;

New-ItemProperty -LiteralPath $path -Name 'MdmTermsOfUseUrl' -Value 'https://portal.manage.microsoft.com/TermsofUse.aspx' -PropertyType String -Force -ea SilentlyContinue;

New-ItemProperty -LiteralPath $path -Name 'MdmComplianceUrl' -Value 'https://portal.manage.microsoft.com/?portalAction=Compliance' -PropertyType String -Force -ea SilentlyContinue;

After running the script, check the dsregcmd /status output again. You should now see the MDM URLs populated. With those MDM urls populated, you could now kick off the device enroller to start the real enrollment, and the device should enroll without a hitch.

0x8007052e: Another Enrollment Error to Watch For

While 0x80180031 is a common issue, there’s another error you might encounter during Intune enrollment: 0x8007052e. This error typically appears when the MDM Enrollment URL is missing or incomplete, preventing the device from successfully reaching Intune during a Windows Autopilot Enrollment

0x8007052

You may also notice these errors showing up in the Modern Device Management Event logs:

“Registering your device for mobile management (4, 0x8007052e)”

“We couldn’t find the corresponding MDM information for this Azure AD device. Error: 0x8007052e”

In the Event Viewer, under the Moderndeployment-Diagnostics-Provider-Autopilot logs, you may notice an entry like this:

“AutopilotManager failed during device enrollment phase DeviceDiscovery. HRESULT = 0x8007052E”

These error messages indicate that the device couldn’t retrieve the necessary MDM information from Azure AD, typically because of missing or misconfigured MDM scope settings, or DNS CNAME records.

If you run into this error, ensure the MDM scope is set correctly in Entra ID and verify the DNS CNAME configuration.

Conclusion

The 0x80180031 error can be frustrating, but it usually boils down to misconfigured MDM settings or missing registry entries. By verifying the MDM scope, CNAME records, and licenses, then using the PowerShell script to populate the missing URLs, you’ll be back on track with device enrollment in no time.

Leave a Reply

Your email address will not be published. Required fields are marked *

5  +  2  =  

Proudly powered by WordPress | Theme: Wanderz Blog by Crimson Themes.