Resolving workflow limitations with Windows device enrollment
1. Windows enrollment redirects to Intune device enrollment.
Users are asked to enter their email address while enrolling Windows devices in an MDM. The device maps this email address to the MDM server associated with the domain in the DNS. So, the users will not be prompted to enter the MDM server address before initiating enrollment. This is because the CNAME record for enterprise enrollment in the DNS is proactively configured.
By default, this will be set as enterpriseenrollment.manage.microsoft.com – the Intune enrollment sever. It is not an issue with the Hexnode’s device enrollment procedure but the general workflow of Windows devices. So, if you are trying to enroll in Hexnode using your company mail address, the enrollment procedure fails.
It is recommended to change the CNAME set for EnterpriseEnrollment in your DNS to your Hexnode MDM server address to prevent such discrepancies. To rectify this, in your DNS server, go to domains and change the EnterpriseEnrollment CNAME to <portalname>.hexnodemdm.com.
If you don’t have enough privileges to do this or simply don’t know how to do this, use the following procedure.
Enter ms-device-enrollment:?mode=MDM&username=emailid&servername=<portalname>.hexnodemdm.com in your Windows device’s browser. This will automatically initiate the MDM enrollment.
2. “Authentication Error! The credential used for authentication belongs to a different user. Please check the assigned user and retry.” error message is displayed.
This issue occurs when a device with the same UDID has already been enrolled in the UEM portal. Such an instance can arise when a device cloned using the OS image file of a previously enrolled device is attempted to be enrolled in Hexnode.
Open Registry Editor and delete the following registry key from the device:
Deleting the ‘MDMDeviceID’ registry key will allow you to enroll the device in the Hexnode portal successfully.