1. Check if the Device is Already Enrolled
- Go to Settings → Accounts → Access work or school.
- If the account is already connected, remove it.
- Reboot and attempt enrollment again.
2. Use the Correct Work/School Account
- Ensure you’re using an Azure AD account provided by your organisation.
- Personal Microsoft accounts will not work for Intune enrollment.
3. Remove Conflicting Accounts
- Disconnect any unnecessary work or school accounts from Access work or school.
- Keep only the account that should be used for enrollment.
4. Sync Group Policies and MDM Settings
- Open Command Prompt (Admin) and run:
gpupdate /force
dsregcmd /status
- This refreshes policies and checks Azure AD/MDM join status.
5. Run Windows Update Troubleshooter
- Go to Settings → Update & Security → Troubleshoot.
- Run the Windows Update Troubleshooter to fix common misconfigurations.
6. Clear Windows Update Cache
- Open Command Prompt (Admin) and run:
net stop wuauserv
net stop bits
ren C:\Windows\SoftwareDistribution SoftwareDistribution.old
net start wuauserv
net start bits
- Retry the update after clearing cached files.
7. Reset Device Registration (for Intune)
- Open Command Prompt (Admin) and run:
dsregcmd /leave
- Restart your device and re-enrol it into Intune.
8. Run System File Checker (SFC) & DISM
- Open Command Prompt (Admin) and run:
sfc /scannow
DISM /Online /Cleanup-Image /RestoreHealth
- This repairs corrupted files that may block enrollment or updates.
9. Contact IT Admin (for Managed Devices)
- If the device is organisation-managed, contact your IT admin to verify enrollment permissions and MDM policies.