Error 0x801c005b , accompanied with server message The verification of the signature failed for device <device_id>, prevents you from hybrid joining your on-prem Windows device to Azure Active Directory.
Table of Contents
Symptoms of 0x801c005b
When this error state 0x801c005b is present, you will notice an ending dollar sign $ in your device name in Azure Active Directory. This is the symptom the active Directory object has been synced from on-prem to the cloud. But you have not joined your device itself yet.
In a healthy state, you could run dsregcmd /join on your Windows device to attempt a hybrid join. However, in this case the device match with the cloud object could not be made.
Fix 0x801c005b
The easiest way to fix 0x801c005b, is to delete the device object in Azure Active Directory.
Then, make a very small change in the computer object in the on-prem Active Directory. Like adding a space in the Description field.
After doing so, wait for the next Azure Active Directory Sync in AAD Connect. Or force a sync yourself in case of impatience 😉
Once the device object is reappears in your Azure AD (note the dollar sign in the name, like dev00013$), return to your Windows device and run dsregcmd /join . To verify the join succeeded, check:
- on the Windows device, check the status: dsregcmd /status . AzureAdJoined should be YES, as well as DomainJoined
- in Azure Active Directory, the device is named dev00013 (without $)
Reference log
C:\WINDOWS\system32>dsregcmd /status
+———————————————————————-+
| Device State |
+———————————————————————-+
AzureAdJoined : NO
EnterpriseJoined : NO
DomainJoined : YES
DomainName : test
Device Name : dev00013@test.com
+———————————————————————-+
| User State |
+———————————————————————-+
NgcSet : NO
WorkplaceJoined : NO
WamDefaultSet : NO
+———————————————————————-+
| SSO State |
+———————————————————————-+
AzureAdPrt : NO
AzureAdPrtAuthority : NO
EnterprisePrt : NO
EnterprisePrtAuthority : NO
+———————————————————————-+
| Diagnostic Data |
+———————————————————————-+
Diagnostics Reference : www.microsoft.com/aadjerrors
User Context : SYSTEM
Client Time : 2022-07-01 11:44:06.000 UTC
AD Connectivity Test : PASS
AD Configuration Test : PASS
DRS Discovery Test : PASS
DRS Connectivity Test : PASS
Token acquisition Test : SKIPPED
Fallback to Sync-Join : ENABLED
Previous Registration : 2022-07-01 11:41:39.000 UTC
Registration Type : sync
Error Phase : join
Client ErrorCode : 0x801c005b
Server ErrorCode : invalid_request
Server ErrorSubCode : error_computer_signature_check_failure
Server Operation : DeviceRenew
Server Message : The verification of the signature failed for device in domain .
Https Status : 400
Request Id :
+———————————————————————-+
| IE Proxy Config for System Account |
+———————————————————————-+
Auto Detect Settings : YES
Auto-Configuration URL :
Proxy Server List :
Proxy Bypass List :
+———————————————————————-+
| URL Specific Proxy Config |
+———————————————————————-+
Auto Detect PAC Status : Failed to auto detect the Proxy Auto-Configuration (PAC) script using WPAD. code: 0x80072f94
Executing Account Name : test\dev00013$, dev00013$@test.com
+———————————————————————-+
| IE Proxy Config for Current User |
+———————————————————————-+
Auto Detect Settings : YES
Auto-Configuration URL :
Proxy Server List :
Proxy Bypass List :
+———————————————————————-+
| WinHttp Default Proxy Config |
+———————————————————————-+
Access Type : PROXY
Proxy Server List :
Proxy Bypass List :
+———————————————————————-+
| Ngc Prerequisite Check |
+———————————————————————-+
IsDeviceJoined : NO
IsUserAzureAD : NO
PolicyEnabled : NO
PostLogonEnabled : YES
DeviceEligible : YES
SessionIsNotRemote : YES
CertEnrollment : none
PreReqResult : WillNotProvision
For more information, please visit https://www.microsoft.com/aadjerrors
Last note
If this article did not help you solve your problem, please leave a comment! This website is visited thousands of times a day. There is a good chance that I or someone else has an answer to your question.
In addition, if you have a better solution for this problem, please leave a comment too! It may help me improve this article, as well as you may help other users facing this issue.
Stumbled over this with the exact same issue on a couple of customer devices but this didn’t resolve unfortunately
same here, im stuck on this. unjoined, deleted everything, and it continue working with device$.