Windows MDM - Device Enrollment Failing

Incident Report for JumpCloud

Postmortem

Incident Report‌

Date: Sep 13, 2025

Date of Incident: Sep 10, 2025

Description: RCA for Windows MDM enrollment failures

‌

Summary:

On September 10, 2025, a number of customers experienced intermittent failures when attempting to enroll Windows MDM devices. User-led enrollments during this period would have seen an error message.

‌

Root Cause:

Our MDM team was alerted to an issue with our MDM certificate issuance service, which affected the ability to enroll devices. This issue was caused by a configuration change in our backend infrastructure.

The core problem stemmed from an update that inadvertently caused a critical service role to be deleted and immediately recreated. When this happened, our IaaS provider assigned the recreated role a new, unique ID. Our system, which was configured to recognize the old ID, was no longer able to access the necessary security keys. This caused certificate issuance to fail, causing the MDM enrollment failures.

‌

Corrective Actions / Risk Mitigation:

Implemented a permanent fix refactoring our infrastructure for this service - DONE
Refining our emergency response plan to securely restore services - IN PROGRESS
Updating our monitoring systems to proactively detect and alert on these types of issues, including reconfiguring our logging to ensure that critical errors are not missed - IN PROGRESS

Posted Sep 12, 2025 - 13:02 MDT

Resolved

This issue has been resolved and Windows devices are now able to successfully enroll in MDM.

Posted Sep 10, 2025 - 14:48 MDT

Monitoring

A fix has been implemented and we are continuing to monitor the results.

Posted Sep 10, 2025 - 13:55 MDT

Update

We are continuing to work to implement a fix for this issue. During this time new Windows MDM device enrollments will continue to fail.

Posted Sep 10, 2025 - 13:02 MDT

Update

We are still working to implement a fix for this issue. We will continue providing regular updates.

Posted Sep 10, 2025 - 11:43 MDT

Update

We're still implementing a fix for this issue. We will provide another update within the hour.

Posted Sep 10, 2025 - 10:09 MDT

Update

The issue has been identified and a fix is being implemented.

Posted Sep 10, 2025 - 08:57 MDT

Identified

We have identified the issue and are working on a fix.

Posted Sep 10, 2025 - 08:49 MDT

Investigating

We are currently investigating an issue involving JumpCloud’s Windows MDM Service that is preventing device enrollment. We are investigating the cause of the issues currently, and will update the status event once an update is available.

Posted Sep 10, 2025 - 08:15 MDT

This incident affected: Windows MDM.