Did you ever post the 3rd edition of the Hybrid joined Autopilot? It will really help. Thank you
Fantastic helpful video. The only thing I don't quite understand is, with hybrid joined, do I need to provision the machine on the local network? We have a lot of hybrid workers, so we would want to be able to send them the new laptop at home and have Autopilot provision as hybrid.
Nice one. I like your videos. Live videos and also troubleshooting them as well
Thanks! I've already recorded the next step (removing User ESP), so it won't be long until you can see how that worked out!
@theCMC Can you please post that video? Thanks!
Editing tomorrow so it’ll be up in 24hrs or less!
@theCMC Awesome!! I thought that ESP was for ensuring that the user can be locked down on the progress page so that they don't enter into Windows without having their apps and stuff. Please include an insight in your upcoming video as to how and why ESP is related to the problem you had. Thanks a bunch!!
My Autopilot works fine with hybrid AD joined. The only issue I get is the sync under accounts shows “a sync error of 0x80190194”. The device shows in Azure, shows in Intune, but for some reason the sync to Intune keeps failing.
So you're saying that the device wants to join AD FIRST, then gets synced to Azure AD, and this is what you (or the user) had to wait for? So if the user is not at the office, the device should need a VPN connection prior to the setup routine for this, and the setting "Skip AD connectivity check" in the enrollment policy would make no sense? I'm a bit confused...
Yes, that’s correct.
The ability to skip the AD connectivity check allows the use case where the first app to be deployed after Autopilot starts is a device VPN.
Yes. You’d need pre login working.
Have you considered using Azure AD only devices? You can manage them via Intune & SCCM too.
@theCMC Thanks for your fast reply! Sadly AAD only is not an option for us, because we heavily depend on our local GPOs. And I guess that if we switch to AAD joined devices, there's no way they can get these GPOs. How could they, when they have no OU to be assigned (or even show up in local AD) :D
:-) You'd be surprised how much you don't actually need local AD when you try it. There are ADMX-backed Intune policies that replicate GPOs, so GPO is no longer a blocker.
Have you seen this?
ua-cam.com/video/4R-krjqQKfE/v-deo.html
Yeah, I went through your last video and followed the steps and got a similar error. I get the generic 80180005 error - "There was an error communicating with the server. Try again.. blah blah". It was left for more than 24 hours, so it might be another issue causing this.
Did you check if the object was created in AD before the error appeared? It could be internal connectivity to the DC / Intune Connector
So watching this and wondering if there was a follow up to this follow up?
Following up also if there was a new video that was released about this... Thank you!
I think this is the follow up: Fix Hybrid Autopilot - this did NOT go well
ua-cam.com/video/arHDOZ8efAA/v-deo.html
@theCMC Thank you so much! I was able now to complete the Hybrid. Encountered another issue: I noticed that it created duplicate objects (2 computers with the same name) in Endpoint after I moved the PC in AD to another OU. Any idea why that happened?
I am still having the same issue!
Have you disabled the User ESP? You need to wait at least 1 hour before logging in after AP completes.
Can you do hybrid Autopilot with Windows 11? Not sure if you have a video of it already but couldn't find it.
Hi Eyra, we plan on adding more Autopilot videos soon so will look to include this. Thanks