Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. "Workplace Join discovery failed" error with exit code 0x80072F8A"

"Workplace Join discovery failed" error with exit code 0x80072F8A"

View products that this article applies to.

Symptoms

When a user tries to perform a Workplace Join operation, she receives the following error message:

Confirm you are using the current sign-in info, and that your workplace uses this feature. Also, the connection to your workplace might not be working right now. Please wait and try again.

Additionally, an administrator may see the following event details in Event Viewer:

Event ID:102
Log Name:Microsoft-Windows-Workplace Join/Admin
Source:Microsoft-Windows-Workplace Join
Level:Error
Description:Workplace Join discovery failed.

Exit Code: 0x80072F8A.

The supplied certificate has been revoked. Could not connect to 'https://EnterpriseRegistration.domain.com:443/EnrollmentServer/contract?api-version=1.0'.

↑ Back to the top

Cause

This problem occurs because the DRS Service SSL certificate or a certificate in the issuance chain has been revoked.

↑ Back to the top

Resolution

To resolve this problem, try the following methods.

Method 1: Update the root certificates

To update the root certificates, run Microsoft Update, and then make sure that the updates for root certificates are all installed.

If this does not fix the problem, try the next method.

Method 2: Verify date and time settings, clear SSL state, and reregister DLL files

Try the methods that are listed in the following article in the Microsoft Knowledge Base:

813444 You cannot log in to or connect to secured Web sites in Internet Explorer

If this does not fix the problem, try the next method.

Method 3: Force CRL cache to expire

Open a Command Prompt window as an administrator, and then run the following command:

certutil -setreg chain\ChainCacheResyncFiletime @now

Note If there's a proxy server in the environment, make sure that the client is configured to use the proxy server.

↑ Back to the top

Workaround

To temporarily work around this problem, clear the Check for server certificate revocation check box under Advanced Settings Internet Options.

↑ Back to the top

References

For more troubleshooting information, see the following article in the Microsoft Knowledge Base:

3045377  Diagnostic logging for troubleshooting Workplace Join issues

For additional troubleshooting guidance that's specific to this problem, filter for Capi2 events 81, 11, and 30.

↑ Back to the top

Keywords: vkbportal343, kbexpertiseadvanced, kbsurveynew, kbtshoot, azuread, kb

↑ Back to the top

Article Info
Article ID : 3045383
Revision : 3
Created on : 9/6/2019
Published on : 9/6/2019
Exists online : False
Views : 486