deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-12 13:27:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
windows-itpro-docs/windows/deployment/windows-autopilot/policy-conflicts.md
Michael Niehaus 34ce7667c4
Added MSA policy to the list 
Added a new row to not set the "Microsoft Account sign-in assistant" setting to disabled.
2020-07-01 16:27:10 -07:00

2.9 KiB
Raw Blame History

title, ms.reviewer, manager, description, keywords, ms.prod, ms.mktglfcycl, ms.localizationpriority, ms.sitesec, ms.pagetype, audience, author, ms.author, ms.collection, ms.topic
title ms.reviewer manager description keywords ms.prod ms.mktglfcycl ms.localizationpriority ms.sitesec ms.pagetype audience author ms.author ms.collection ms.topic
Windows Autopilot policy conflicts laurawi Inform yourself about known issues that may occur during Windows Autopilot deployment. mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune w10 deploy medium library deploy itpro mtniehaus mniehaus M365-modern-desktop article

Windows Autopilot - Policy Conflicts

Applies to

  • Windows 10

There are a significant number of policy settings available for Windows 10, both as native MDM policies and group policy (ADMX-backed) settings. Some of these can cause issues in certain Windows Autopilot scenarios as a result of how they change the behavior of Windows 10. If you encounter any of these issues, remove the policy in question to resolve the issue.

PolicyMore information
Device restriction / Password Policy When certain DeviceLock policies, such as minimum password length and password complexity, or any similar group policy settings (including any that disable autologon) are applied to a device, and that device reboots during the device Enrollment Status Page (ESP), the out-of-box experience (OOBE) or user desktop autologon can fail unexpectantly. This is especially true for kiosk scenarios where passwords are automatically generated.
Windows 10 Security Baseline / Administrator elevation prompt behavior
Windows 10 Security Baseline / Require admin approval mode for administrators		 When modifying user account control (UAC) settings during the OOBE using the device Enrollment Status Page (ESP), additional UAC prompts may result, especially if the device reboots after these policies are applied, enabling them to take effect. To work around this issue, the policies can be targeted to users instead of devices so that they apply later in the process.
Device restrictions / Cloud and Storage / Microsoft Account sign-in assistant Setting this policy to "disabled" will disable the Microsoft Sign-in Assistant service (wlidsvc). This service is required by Windows Autopilot to obtain the Windows Autopilot profile.

Related topics

Troubleshooting Windows Autopilot