I'm working on an Intune environment. Devices are able to successfully join in user-attended mode. However, when I set it to self-deploy, devices fail on "securing hardware" with the following code: 0x800705b4. This code seems related to the TPM timing out. Autopilot passes this stage instantly in user-attended mode.
I prepare the devices using a PXE WinPE setup and copying the Autopilot configuration JSON to the device. This pairs it to Intune during OOBE; I do not add the hash to Intune, it does it for me during setup. The PXE script I'm using also upgrades the BIOS and TPM firmware before it installs Windows, so the BIOS and TPM firmware are up to date during OOBE.
I have tried the following:
Ensured the time on the device is correct by setting up an NTP server on the MikroTik router and passing the NTP servers option in DHCP.
Disabled all firewall rules in the MikroTik; it is only providing NAT.
Tried multiple models of devices (HP EliteBook 850 G3, HP EliteBook 840 G3, HP EliteBook 840 G4, HP EliteDesk 800 G2, HP ProDesk 400 G3); all have the same issue.
I'm using unattend.xml to ensure the EULA is accepted.
Intune device licenses are available and assigned to the security group these devices are dynamically put into.
I have checked to ensure BIOS and TPM firmware are on the latest version available.
I'm aware that the feature is in preview, but it beats having to manually enter credentials into 200 devices during setup. (After that the devices go into kiosk mode, so no login is necessary.)
Can anyone give me some pointers on what I might try next?
Cheers!
-Metro