Issue with Windows Hello after fresh restart with autopilot.

Iron Contributor

Hi,

 

I have several computers added to autopilot.

I also have Windows Hello disabled.

But when giving the device a fresh start in Intune, it asks to set a Pin with Windows Hello.

How is this possible? i disabled Windows Hello in Intune.

Any else having this issue?

 

5 Replies

Hi, did you set it to disabled or not configured? Do you have the auto-enrollment configured and do you have the Enrollment Status page active? 

If you have set it to disabled and auto-enrollment with Enrollment Status page set, the setting should be on the device before the Pin creation dialog would get the chance to pop up and therefore it would be effectively prevented.

 

best,

Oliver

Hi Oliver,
i have set it to Disabled and the Status page setting is set to No.

So this might be a race condition. The status page makes sure all policies are in place befor the desktop is loaded. In your case the WHfB disable setting might not be there as the desktop loads and the PIN dialog is shown. try set the status page and test again. 

 

best,

Oliver

i found out what was going wrong. It happend on the devices i gave a fresh start in Intune with autopilot.

Apparently there is a problem that the device get unenrolled from intune. But not from Azure AD.

 

So after giving a fresh start (without retaining user data) the device becomes unmanagable, does not sync the settings from intune) and so does not sync the Hello setting.

 

Unfortunately is don`t understand why Microsoft does this like this. Because this makes the Fresh start option when u dont want to retain the user data, completely usesless. I hope the AutoPilot reset becomes available quickly because i think that would solve this issue :)

Remote triggering of Autopilot Reset is available from 1809.