Event banner
Event details
- Heather_Poulsen
Community Manager
Links referenced in this session:
Hi Cristina_Osorio,
i sadly was not able to send a new post anymore, so I answering to your reference post.
Sorry for that.I have a question to your explanations regarding missing AAD entries around 10:40 in the video.
You said that "We altough check that azure ad object exist and if it's not there we auto-remediate."
Is this a new behaviour?
In the past we had devices, from which not only the old stale intune entries but altough the aad entries were deleted via graphAPI.
In late 2021 and early 2022 it seemed that the devices still could be enrolled, but since ~ april/may 22 it seemed that they could no be re-enrolled (after re-imaging them) again, because only consumer OoBE was shown on the device, so enrollment profile was not applied/downloaded to the device.
And of course, how should enrollment profile be assigned if AAD object doesn't exist?So we had to manually delete affected devices, harvest a hash of the device and re-import it to AutoPilot/DDS that altough re-creates the AAD object (named with the serial number of the hardware) in may 2022.
But your explanations described above, let me hope that this accidently deleted devices should be re-enrolled without re-importing them now.
Did I understand correctly?
Is this maybee a change altough happend with Return of key functionality for Windows Autopilot sign-in and deployment experience ?
- Regarding the Windows language and input language topic. In my case both are different. It could be great that in the choose keyboard layout screen, you could type the country / language and get it filtered; because it is bothersome to scroll up / down in a big list.
- Cristina_Osorio
Microsoft
Thank you Javi, could you please submit your feedback through aka.ms/Autopilotfeedback ?
It would help us to analyze together with the rest of the great inputs we are getting from this forum
Take the elements from Option A (which app is being installed) and merge them into option B. Knowing is half the battle.
- For provisioning with an assigned user, it fails and there is an error but in Microsoft fashion the error has no explanation. Is there any way we can get more detail regarding this?
Dom73Hi Jawan,
To troubleshoot Autopilot, you can use the Get-AutopilotDiagnostics command. In the ESP, press SHIFT+F10 to open a command prompt and follow instructions below.
https://learn.microsoft.com/en-us/troubleshoot/mem/intune/understand-troubleshoot-esp#diagnose-windows-autopilot-issues
And if you want to know more information about the error you get, links below can be helpful.
Troubleshoot Autopilot device import and enrollment | Microsoft Learn
Windows Autopilot known issues | Microsoft Learn
- It would be nice if there was a way to skip past errors in provisioning or close the overlay so a user could use windows while it runs in the background. Today and yesterday this issue overwhelmed new hires
- Dom73
Hi Jawan,
You can configure the Enrollment Status Page to continue when errors occur with the setting "Allow users to use device if installation error occurs". You can also set up "Block device use until all apps and profiles are installed" to No and the user will be able to login and use his/her device while the enrollment process completes.
Set up the Enrollment Status Page in the admin center - Microsoft Intune | Microsoft Learn
- The approach that I took is to actually bypass the Account Setup stage. This does two things: 1. It speeds up the ESP process so it's a faster experience for the end user and 2. It allows any apps that are assigned to the user to be installed in the background while allowing the end user to use their computer.
- Dom73
Hi Corey,
While we don't recommend bypassing Account Setup (which is likely not a supported scenario), a lot of our customers do build their own custom solutions into the processes that we provide. If you find that this works for you and gives you a good experience to the end users, you are free to continue using it. But keep in mind this is probably not supported.
- On laptop during autopilot pre-provision. The screen when you start pre-provision doesn't show the button text properly/completely (Progress status message). It is hiding half of it. Any suggestion to fix?
- Cristina_OsorioHi, do you have a screenshot so I can see which text exactly you are referring to?
- I use Dell Devices. on my workstation devices i need to press SHIFT+F10 and on my laptop i need to press SHIFT+Fn+F10 to open the command prompt on the OOBE screen. Is this normal? What is your experience ?
you can often configure the behaviour in BIOS settings. We use Lenovo devices and configure it to work like known from PCs. (Even if the naming of the setting and the correct value is weired. :p)
- Yes, this is expected. Most laptops use the function keys for additional capabilities like increasing the volume or brightness. In order to use the keys for F1-F12 you either need to press the Fn button or enable Fn lock. WIth Fn lock you would be able to press SHIFT-F10.
- Cristina_OsorioAgreed, I would say this is common depending on the keyboard
- I pre-provision workstation and laptop. I have Endpoint security->disk encryption policy configured to encrypt the OS drive. I also have Configuration profile to Used Space Only Encrypted conversion status. I see my workstation devices are uploading the key to Intune, but all my laptop devices are not uploading the key. Do you have any suggestion?
- Maybee different communication ways?
- Cristina_OsorioHi Sivakumar, I think for this type of question is best to open a support case directly.
- How do we get the OEM preloaded apps uninstalled as part of Autopilot Pre-provisioning(Hybird Azure AD Join)?
- Go get a vanilla image from your OEM...thats all...
- Cristina_OsorioAdding to what Jochen suggested (which I believe is the cleanest option here). There is another option, not part of the Autopilot process itself and requires enrollment of the device in Intune -> Fresh start that can be triggered from Intune console: https://learn.microsoft.com/en-us/mem/intune/remote-actions/device-fresh-start but again, this might or might not fit your needs.
- How can we uninstall one or more of Windows default Apps(Mail,Consumer Teams,Xbox..etc) as part of Autopilot Pre-provisioning(Hybird Azure AD Join)?
- I don't think you can. You need to only deploy Store apps or Win32 apps, and should not mix & match. We uninstall Mail, Solitaire, Xbox etc after Autopilot by having these apps 'packaged' in Intune as MS Store for business apps, and assigning them to Uninstall on all Autopilot devices, and this works well - for now at least. They are gone within a few mins of the user getting to the desktop. A better question would be "Why are these installed by default on Windows Pro/Enterprise devices?" We all waste time removing the same stuff, Microsoft could make it just go away.
- Cristina_OsorioPaul is suggesting the right approach here. Regarding your comments, Paul, feedback noted, thanks for sharing.
