Here's a heads up on an error you might run into when enrolling devices. This one comes from Will Swanda, a Senior Support Engineer up in our Washington state office:
Issue: When enrolling a device that is tethered to a host computer using ActiveSync, before the password prompt can display the following error may appear on the device:
"Unable to enroll this device in the company domain. Contact the System Administrator for Assistance."
Cause: If the device is tethered to the host PC, an exception must be added for the Work Domain in the device. If not, the error above can be generated. To help confirm whether this is your issue you can verify the following:
- Confirm from IE on the phone that we can browse to: https://mobileenroll.mydomain.com/enrollmentserver/service.asmx.
- Verify that the pre-enroll is set up correctly by making sure a 0 is returned when browsing to: https://mobileenroll.mydomain.com/enrollmentserver/service.asmx?op=ShouldEnroll
- Verify that the Domain Enroll application on the tethered phone is still trying to locate the mobileenroll.mydomain.com via the Internet. This can be confirmed with the Windows Mobile Network Analyzer Power toy.
- Verify that Enrollment Logging is enabled using the Connect Now tool and the error seen in the deviceupdate.log is:
"Discovering Server & Enroll Eligibility: Server discovery failed, hr = 0x80004005"
- Verify that IE is resolving the mobileenroll site via the tethered connection, but the Domain Enrollment application is not.
Resolution: Add a Work Domain exception to the device. To do this, in the MDM admin console, go to Start | Settings | Connections Tab | Connections | Advanced Tab | Exceptions and enter the URL for your network.
Note: Wildcards can be used in the URL. For example, *.corp.company.com would work for internal URLs with the suffix of corp.company.com.
J.C. Hornbeck | Manageability Knowledge Engineer