<aside> ℹ️ This is only possible if you have a Microsoft 365 Business Premium license or higher.
</aside>
If your device has a problem during the process of joining a domain and fails to join, when you try to do so again it may say that it is already enrolled – even though it is not, and it is in fact seeing the failed enrolment. A similar problem may occur if a machine was previously joined under another user’s account, that has been deleted, and the machine
To solve this, the following registry key can be edited. WARNING: this will likely destroy the machine’s relationship with the domain, so we only recommend doing this if there is one single user account on the machine.
Remove the GUID key that lists the username and device name under: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments This will remove the failed domain join and allow you to try again.
If a GUID key is not listed, change the value of the DWORD MmpcEnrollmentFlag to 0 under: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Enrollments This will force the machine to assume it is not joined and allow you to try again.
We recommend restarting the machine before trying to join to the domain again.
To join macOS devices requires additional configuration within your organisation’s domain. An Apple Push Certificate is required, which must be obtained from Apple and then applied to your organisation’s infrastructure. This also requires some management and annual renewal. Please contact us to request this be added to your organisation/domain.