![]() ![]() For hybrid scenarios where the user should be an administrator, the user is forced to sign out at the end of ESP. On self-deploying scenarios, the device is no longer Microsoft Entra joined after OOBE and can't sign-in with Microsoft Entra credentials or access company resources.įor pre-provisioning scenarios, ESP is marked as required to show to ensure the technician flow completes successfully. ![]() The KB4517211 update removes this validation. This issue was due to an extra validation added in Windows 10 version 1903 to check that the TPM EK certs had the proper attributes according to the TCG specifications. Assigned Access policies cause a reboot, which can interfere with the configuration of single-app kiosk devices.Ī missing AKI extension in EK certificate caused TPM attestation to fail on Windows 10 version 1903. Device naming templates may truncate the computer name at 14 characters instead of 15. (Before this fix, only a specific list of firmware versions was accepted). TPM attestation fails on newer Infineon TPMs (firmware version > 7.69). (Basically, the pre-provisioning landing page, where you select "Provision" to start the pre-provisioning process, isn't reporting errors properly). If TPM attestation fails during the Windows Autopilot pre-provisioning process, the landing page appears to stop responding. TPM attestation may fail if the device has a valid AIK cert but no EK cert (this issue is related to the previous item). For example, if you run sysprep /generalize and then reboot or reimage the device to go back through an Autopilot pre-provisioning or self-deploying scenario.) (This issue isn't a common one, but you could run into it while testing. Sysprep /generalize doesn't clear TPM attestation state, which causes TPM attestation failure during later OOBE flow. Because of this issue, you see this extra page during OOBE. The Windows Autopilot for existing devices feature doesn't properly suppress the Activities page during OOBE. This issue is another non-English OS issue. A user isn't granted administrator rights in the Windows Autopilot user-driven Microsoft Entra hybrid join scenario. If you're deploying Company Portal as a blocking app during Windows Autopilot ESP, you have probably seen this error. You're unable to install UWP apps from the Microsoft Store, causing failures during Windows Autopilot. Ex: BitLocker didn't get an expected notification after policies were applied to begin encryption. ![]() BitLocker encryption isn't correctly configured. This issue typically happens if you reset the OS or used a custom sysprepped image. Windows Autopilot reports an AUTOPILOTUPDATE error during OOBE after sysprep, reset, or other variations. Windows Autopilot pre-provisioning doesn't work for a non-English OS and you see a red screen that says "Success." Applies toĪutopilot pre-provisioning fails for non-English builds.īitLocker policies not enforced during Autopilot for nondefault encryption options. For a list of issues that can be resolved through configuration changes, see Windows Autopilot - known issues. The following issues are resolved by installing Windows updates. ![]()
0 Comments
Leave a Reply. |
Details
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |