Hybrid join Autopilot stuck at ESP account setup phase
I have an Autopilot profile created for Hybrid join with pre-provisioning. During pre-provisioning phase all device based applications and policies are installed.
When user provisioning phase is started, the user provides his credentials and a MFA authentication is completed. In ESP account setup, joining your organization is completed, and rest all are in identifying state. The screen is not moving further even if i wait for more than 2 days.
This behaviour is strange because it is succeeding in one attempt and it fails in another attempt.
And few observations during failure:
1. There is no owner information in Azure AD or primary user info in Intune
2. We have configured few applications to be installed post log on. And user can see those applications getting installed but still on ESP
3. The autopilot logs state that it is success
Answer ( 1 )
Is this OOBE image fully patched with the latest updates? I have had similar issues with Azure Virtual Desktop enrollment not specifically with Autopilot because of primary refresh token issues. More details here – https://www.anoopcnair.com/azure-ad-prt-issue-windows-10-21h2-kb5006738/
Hybrid AD troubleshooting guide also might help you – https://www.anoopcnair.com/windows-autopilot-hybrid-azure-ad-join-trouble/