I worked on an Azure Active Directory lab for Hybrid Azure AD Join today and ran into a problem. The lab is a new deployment, single Windows Server 2019 Domain Controller running the 2.x version of Azure AD Connect Sync. Express install was used, there are no OU or advanced filters in place. Following the directions outlined in the Microsoft documentation is straightforward. However, after enabling Hybrid Azure AD Join, the computers did not show in the Azure AD Portal under Devices.
Digging through the event log and using dsregcmd /status on the client provided the error:
Automatic registration failed at join phase.
Exit code: Unknown HResult Error code: 0x801c03f3
Server error: The device object by the given id (xxxxxx-xxxx-xxxx-xxxx-xxxxxxxx) is not found
The most common cause for this is a filter in Azure AD Connect that excludes OUs or computers. Computer objects need to be included in any filter, or they will not synchronize to Azure AD. In this case, Azure AD Connect Sync had been configured with an express installation and no filters were in place.
I went to the AD Connect Synchronization Service Manager to review the settings. In the Active Directory Domain Services connector, under Selected Object Types, I noticed that “device” was unchecked. I checked this box and then initiated a synchronization (Start-ADSyncSyncCycle).
Once the sync finished, the devices showed in the Azure AD Portal with the status of Pending. A reboot of the client moved the device to a registered state and allowed the device to be Hybrid Azure AD Joined.
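The checks above can be scripted so the symptom and the connector setting are confirmed before kicking off another sync. The following PowerShell is an added example and is not code from the original post or from Microsoft; it assumes a domain-joined client for the first two functions and the Azure AD Connect server (ADSync module present, elevated session) for the last two. The connector name 'corp.example.com' is a placeholder, and the `ObjectInclusionList` property on the connector object is an assumption about the ADSync module (check it with `Get-Member` before relying on it).

```powershell
# Added example (not from the original post). Assumptions: client functions run on a
# domain-joined Windows 10/11 machine; server functions run elevated on the Azure AD
# Connect server with the ADSync module installed. Connector name is a placeholder.

# --- Client side: summarize dsregcmd /status and look for the join-phase failure ---
function Test-HybridJoinStatus {
    $status = dsregcmd /status
    $result = [ordered]@{}
    foreach ($key in 'AzureAdJoined', 'DomainJoined', 'DeviceId', 'TenantName') {
        $pattern = '^\s*' + [regex]::Escape($key) + '\s*:'
        $line = $status | Where-Object { $_ -match $pattern } | Select-Object -First 1
        $result[$key] = if ($line) { ($line -split ':\s*', 2)[1].Trim() } else { 'n/a' }
    }
    [pscustomobject]$result
}

function Get-RegistrationFailures {
    param([int]$Hours = 24)
    # Standard device-registration admin channel; assumes the channel is enabled.
    Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-User Device Registration/Admin'
        StartTime = (Get-Date).AddHours(-$Hours)
    } -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match '0x801c03f3' } |
    Select-Object TimeCreated, Id, @{ n = 'Summary'; e = { ($_.Message -split "`n")[0] } }
}

# --- Server side: verify 'device' is a selected object type, then run a delta sync ---
function Test-ConnectorDeviceType {
    param([string]$ConnectorName)   # e.g. 'corp.example.com' (placeholder)
    Import-Module ADSync
    $connector = Get-ADSyncConnector -Name $ConnectorName
    # ObjectInclusionList mirrors "Selected Object Types" in Synchronization Service
    # Manager (assumed property name; confirm with $connector | Get-Member).
    $selected = @($connector.ObjectInclusionList)
    [pscustomobject]@{
        Connector = $ConnectorName
        Computer  = $selected -contains 'computer'
        Device    = $selected -contains 'device'
    }
}

function Invoke-DeltaSyncIfReady {
    param([string]$ConnectorName)
    $check = Test-ConnectorDeviceType -ConnectorName $ConnectorName
    if (-not $check.Device) {
        Write-Warning "'device' is not a selected object type on connector $ConnectorName; enable it in Synchronization Service Manager before syncing."
        return $check
    }
    Start-ADSyncSyncCycle -PolicyType Delta
    $check
}

# Usage on the client:  Test-HybridJoinStatus; Get-RegistrationFailures
# Usage on the server:  Invoke-DeltaSyncIfReady -ConnectorName 'corp.example.com'
```

Run the client functions first: `AzureAdJoined : NO` alongside a recent event containing 0x801c03f3 matches the failure described above. On the server, the warning from `Invoke-DeltaSyncIfReady` points at the same unchecked “device” box; once it is enabled the function runs the delta sync, after which the devices should appear as Pending in the portal.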
I am curious why I had to check the device box. Azure AD Connect had a default installation with express settings. If that step was required, the agent could have handled it when Hybrid Azure AD join was configured. I could not find any information on why checking “device” was needed when “computer” was already checked.
If you found this article you may be suffering the same issue. I hope this helps!