Windows Autopilot and ESP now work with Windows Hello for Business certs

Some of you reported that you were trying to provision new devices using Windows Autopilot with ESP enabled, and were running into issues when trying to deploy Windows Hello for Business (useful for single sign-on scenarios) via Intune and SCEP.  The challenge: ESP would be waiting for the certs to install before Windows Hello for Business (WHfB) was set up, and since those certs were dependent on WHfB that wouldn’t work.

So, we implemented a change in Intune that will work around this.  Instead of delivering the certificate policies during user ESP, it will instead wait until later, allowing ESP to complete and the WHfB enrollment process to complete.  So if you had disabled user ESP because of this issue, try turning it back on again.

Categories: Uncategorized

1 reply »

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s