Full error message: Something went wrong. This user is not authorized to enroll. You can try to do this again or contact your administrator with the error code 801c0003.

Note: Make sure the applied computers have Windows 10 version 1809 or above

Check that the user has license requirements

1. open portal.azure.com

2. open the Intune service

3. Click on Users and select the username you wish to check

4. Click on Licenses in the left column

5. Click on the Enterprise Mobility + Security E5 license and check if the user has the license on

Check the Device limit setting in Azure AD

1. Open the Azure Active Directory service

2. Click on Devices then click on Device Settings

3. May need to increase the maximum number of devices per user

Check the number of devices the user has already enrolled

1. In the Intune service click on Users

2. Select the username and then click on Devices

3. Check the number of devices which the user has already enrolled

Check if the user is in scope for MDM

1. In Azure Active Directory click on Mobility (MDM and MAM)

2. Select Microsoft Intune

3. In this case, check that the use is under this User Group All Windows Device Users group. 

Check for Enrollment restrictions

1. In the Intune service click on Device Enrollment

2. Enrollment Restrictions and look at the settings for Device Limits

Check if the user is in scope for Azure AD Join

1. Open the Azure Active Directory service

2. Click on Devices then click on Device Settings

3. Look at the value stored in Users may join devices to Azure AD e.g All ,Selected, None

Note: If the user is NOT in this user group, you need to add them in