dsregcmd - dcasota/Lenovo83BY GitHub Wiki
The dsregcmd /status command provides detailed information about the device's Azure AD (AAD) and Hybrid Azure AD registration status. It is commonly used for troubleshooting issues with device authentication, single sign-on (SSO), and Azure AD integration. Here's what it displays:
Key Sections of dsregcmd /status Output: Device State:
-
AzureAdJoined: Indicates whether the device is joined to Azure AD.
-
EnterpriseJoined: Indicates whether the device is joined to a local AD domain.
-
DeviceId: The unique identifier for the device in Azure AD.
-
TenantId: The Azure AD tenant identifier.
User State:
-
AzureAdPrt: Displays whether the Primary Refresh Token (PRT) is available.
-
DomainJoined: Indicates whether the user is domain-joined.
-
UserName: Displays the username of the currently signed-in user.
SSO State:
-
WamDefaultSet: Shows if the default web authentication manager is set.
-
AzureAdPrt: Indicates if the Primary Refresh Token is valid and available for Single Sign-On.
Diagnostic Data:
- Provides details about any errors or issues encountered with device registration.
Service Connectivity:
- Indicates whether the device can communicate with Azure AD services and endpoints.
+----------------------------------------------------------------------+
| Device State |
+----------------------------------------------------------------------+
AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : NO
Virtual Desktop : NOT SET
Device Name : ltdca
+----------------------------------------------------------------------+
| User State |
+----------------------------------------------------------------------+
NgcSet : NO
WorkplaceJoined : YES
WorkAccountCount : 1
WamDefaultSet : YES
WamDefaultAuthority : consumers
WamDefaultId : https://login.microsoft.com
WamDefaultGUID : {xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx} (MicrosoftAccount)
+----------------------------------------------------------------------+
| SSO State |
+----------------------------------------------------------------------+
AzureAdPrt : NO
AzureAdPrtAuthority : NO
EnterprisePrt : NO
EnterprisePrtAuthority : NO
+----------------------------------------------------------------------+
| Work Account 1 |
+----------------------------------------------------------------------+
WorkplaceDeviceId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx
WorkplaceThumbprint : XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
DeviceCertificateValidity : [ 2024-09-25 01:13:40.000 UTC -- 2034-09-25 01:43:40.000 UTC ]
KeyContainerId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx
KeyProvider : Microsoft Platform Crypto Provider
TpmProtected : YES
WorkplaceTenantId : xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxx
WorkplaceTenantName : xxxxxxxxxx
WorkplaceMdmUrl :
WorkplaceSettingsUrl :
NgcSet : NO
+----------------------------------------------------------------------+
| IE Proxy Config for Current User |
+----------------------------------------------------------------------+
Auto Detect Settings : YES
Auto-Configuration URL :
Proxy Server List :
Proxy Bypass List :
+----------------------------------------------------------------------+
| WinHttp Default Proxy Config |
+----------------------------------------------------------------------+
Access Type : DIRECT
+----------------------------------------------------------------------+
| Ngc Prerequisite Check |
+----------------------------------------------------------------------+
IsDeviceJoined : NO
IsUserAzureAD : NO
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : YES
SessionIsNotRemote : YES
CertEnrollment : none
PreReqResult : WillNotProvision