This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
We tested a Wipe command from Intune to one of our laptops, which we saw removed any workable OS from the SSD. Thus we use the manufacturer's OS recovery image to install a fresh Windows copy back to it.
Since we did not delete the device entries in Intune/AAD, when the fresh OS booted for the first time it went straight back to Windows Autopilot to pace through the enrollment procedure again, which was nice to see it registered as an active device in MDM again.
However, I noticed this copy of Windows never asked to setup Windows Hello (finger print and PIN). Well,
that shouldn't be the case since we have a configuration profile explicitly enabling Windows Hello. From Intune we can see it's successfully applied to the computer. Or, is that a message of the "past"?
Due to so many settings changed by Shared PC mode, it's just quicker to perform Autopilot Reset action from Intune to revert affected computers (at least those setup with Windows Autopilot) back to original working state.
Think we found the culprit. In previous testing, the computer was assigned to an Intune configuration profile for Shared PC mode. After the wipe and OS reinstall, the configuration profile was still valid, causing it to disable Windows Hello options.
However, the affected administrative template settings remained even after unassigning the computer from said configuration profile.
Is this supposed to be correct behaviour? That an administrator has to sign into each and every affected computer to adjust/revert affected settings?