Some of you reported that you were trying to provision new devices using Windows Autopilot with ESP enabled, and were running into issues when trying to deploy Windows Hello for Business (useful for single sign-on scenarios) via Intune and SCEP. The challenge: ESP would be waiting for the certs to install before Windows Hello for Business (WHfB) was set up, and since those certs were dependent on WHfB that wouldn’t work.
So, we implemented a change in Intune that will work around this. Instead of delivering the certificate policies during user ESP, it will instead wait until later, allowing ESP to complete and the WHfB enrollment process to complete. So if you had disabled user ESP because of this issue, try turning it back on again.
Out of Office Hours 
One response to “Windows Autopilot and ESP now work with Windows Hello for Business certs”
[…] Windows Autopilot et la page d’état de l’enregistrement (ESP) supporte Windows He…. Le scénario était bloqué car la page d’état d’enregistrement attendait les certificats à installer avant que Windows Hello for Business soit configuré bloquant ainsi le processus. A partir de maintenant, les certificats utilisés par Windows Hello for Business seront délivrés après pour permettre la page d’état de l’enregistrement de s’exécuter. […]
LikeLike