Windows Autopatch (Intune ESP) and passwordless enrollment conflict ?

GonWild 426 Reputation points
2023-01-06T14:26:45.547+00:00

Okey, so I learned that a reboot triggered during the device section in ESP when enrolling a new Windows client in Intune, causes the need for the user to authenticate with their password to continue the process. ( https://learn.microsoft.com/en-us/answers/questions/960560/temporary-access-pass-hello-for-business-setup-sti.html?childToView=1095807#comment-1095807)
When testing Windows Autopatch, we get a reboot during ESP.
From the eventlog; microsoft-windows-devicemanagement-enterprise-diagnostics-provider-admin
The following URI has triggered a reboot: (./Device/Vendor/MSFT/Policy/Config/Update/ManagePreviewBuilds).
Lo and behold; removing the device from the group created by the Autopatch Update ring profile, remedies the issue. No reboot, no password needed to complete (Win10 v 22H2 used).
Is there something to be done with this? Since MS is promoting passwordless, are they aware of the conflict that arises when other stuff breaks this because of reboots that it can't handle?

Windows Autopilot
Windows Autopilot
A collection of Microsoft technologies used to set up and pre-configure new devices and to reset, repurpose, and recover devices.
472 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,171 questions
{count} vote

3 answers

Sort by: Most helpful
  1. Pavel yannara Mirochnitchenko 12,596 Reputation points MVP
    2023-01-06T19:51:04.58+00:00

    Autopatch brings lot of new config profiles to Intune. Can it be that there is WHFB enablement through it? That's why you didnt experience this behavior before.


  2. Rudy Ooms 611 Reputation points MVP
    2023-01-25T06:59:01.5133333+00:00

    Sounds like the WUFB issue targetted at devices when windows 11 saw the first light :)

    [https://call4cloud.nl/2022/04/dont-be-a-menace-to-autopilot-while-configuring-your-wufb-in-the-hood/

    As autopatch also uses wufb... I am not surprised this issue is back

    0 comments No comments

  3. Stefan Jurt 0 Reputation points
    2023-10-03T11:27:26.0166667+00:00

    As a workaround you can enable web sign-in as described by @Peter van der Woude
    https://www.petervanderwoude.nl/post/enabling-web-sign-in-to-windows-for-usage-with-temporary-access-pass/

    Like this you can sing in with TAP after the reboot to proceed with ESP user part.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.