Seeing error 0x801c005b alongside error_computer_signature_check_failure when attempting to Hybrid Azure AD join your Windows devices? This error will prevent the hybrid join process from completing. Running dsregcmd /status or dsregcmd /debug will reveal this error. Thankfully this error is a pretty simple one to fix.
Table of Contents
Why does this happen?
This error usually doesn’t happen very often, but when it does it is often due to re-using the same computer object from a previous Active Directory join. This is quite common in normal re-imaging scenarios. The error will looks like this:
How to Fix
The first step in fixing this is to tell the client to leave its hybrid Azure AD join state by doing a “leave” and then a new “join”. Start by running this command from an elevated command prompt:
dsregcmd /leaveYou can optionally add a “/debug” switch to the end of that command to see more details.
Wait a few minutes and then attempt to hybrid join the client again by running:
dsregcmd /joinThe join should complete successfully and you should see the AzureAdJoined : YES under Device State.
Sometimes this does not work, and so you’ll need to fully delete the computer object from Azure Active Directory and try the hybrid Azure AD join again. Note that if you do this, you will need to wait for Azure AD Connect to synchronize the object back into Azure. So you may see this until the object is synced:
Conclusion and Further Reading
Now you know how to fix the error 0x801c005b: error_computer_signature_check_failure when attempting to hybrid Azure AD join a Windows device. You can first try to un-join the device (dsregcmd /leave) and attempt to re-add (dsregcmd /join) and if that doesn’t work can fully remove the object from Azure and attempt the join process again. If you’d like to read a bit more about the hybrid join process in general and things you should know, check out my other post.