Today we will go through one of the hot topics in Modern Management Intune Enrollment Status Page Configuration 2023
The Intune Enrollment Status Page ESP is a critical component of Microsoft Intune, a cloud-based mobile device management (MDM) and mobile application management (MAM) solution. The ESP plays a vital role in ensuring a smooth and secure onboarding process for devices that are being enrolled in your organization’s Intune environment.
Intune Enrollment Status Page (ESP) shows the progress of windows device provisioning when a new device enrolled through Intune or a new user sign in to the device. You can show ESP during the default out-of-box experience (OOBE) for Azure AD join, Windows Autopilot scenarios or when new user sign into the device for the first time.
This article, we will create a Intune Enrollment Status Page Configuration profile for Windows Autopilot devices.
Intune Windows Autopilot depends on number of varieties of internet-based services. Access to these services you must be provided for Autopilot to function properly. In the simplest way case, enabling proper functionality can be achieved by ensuring the following conditions:-
- Ensure Domain Name Services (DNS) name resolution for internet DNS names.
- Allow access to all hosts via port 80 (HTTP), 443 (HTTPS), and 123 (UDP/NTP).
Windows Autopilot Deployment Services
After a network connection is in place, each Windows device will contact the Windows Autopilot Deployment Service. With Windows 10 version 1903 and the following URLs are used:
Today Will go with the newly Creation of Enrollment Status Page ESP profile
In Microsoft Endpoint Manager console, select Device> Windows > Windows enrollment > Enrollment Status Page
Intune Enrollment Status Page Configuration : Fig1
On the Enrollment Status Page screen, click on Create.
Intune Enrollment Status Page Configuration : Fig-2
In Create Profile – Basics page, enter basic information about, such as Name, Description abut the ESP and click on Next.
Intune Enrollment Status Page Configuration : Fig-3
In Create profile – Settings page, configure the following settings:
Show app and profile configuration progress:
No: Select this option if you don’t want to show the Enrollment Status Page to users during device setup.
Yes: Select this option if you want to show the Enrollment Status Page to users during device setup.
Intune Enrollment Status Page Configuration : Fig-4
Once you Tap on Yes in previous screen, the all available settings for ESP will be visible to you.
Intune Enrollment Status Page Configuration : Fig-5
The following settings are available in ESP settings page.
- Show an error when installation takes longer than specified number of minutes: The default time-out is 60 minutes. You can increase this time if application which are to be installed during enrollment take more time.
- Show custom message when time limit or error occur: Add a custom message which you want to show to the uesr. This may include contact information if they need any help during Autopilot deployment.
- Turn on log collection and diagnostics page for end users: Turning on this option will help in troubleshooting the issue.
- Only show page to devices provisioned by out-of-box experience (OOBE): Select No if you want to show enrollment status page to all Intune-managed and co-managed devices that go through the out-of-box experience (OOBE), and to the first user that signs in to each device. Select Yes if you want to show the enrollment status page to only those devices that go through the out-of-box experience (OOBE).
- Block device use until all apps and profiles are installed: Select No if you want to allow user to leave ESP before configuration finished. Select Yes if you don;t want to allow user until device configuration is not completed.
- Allow users to reset device if installation error occurs: Select Yes if you want to allow user to reset the device when installation fails.
- Allow users to use device if installation error occurs: The ESP gives users the option to bypass the ESP and use their device when an installation fails. Select Yes if you want to allow. Else, select No.
- Block device use until these required apps are installed if they are assigned to the user/device: This option will restrict device usage until all mandatory applications are installed. You can go for all or selected apps.
In the Assignments page, click on Add groups and select the group where you want to deploy this Enrollment Status Page profile. Review the group name and then click on Next.
Intune Enrollment Status Page Configuration : Fig-6
Leave default settings in Scope tags page and click on Next.
Intune Enrollment Status Page Configuration : Fig-7
In Review + create page, review the settings and click on Create.
Intune Enrollment Status Page Configuration : Fig-8
The Enrollment Status Page profile is now created and you can see the same in Enrollment Status Page profile list.
Intune Enrollment Status Page Configuration : Fig-9
The next time when you provision a Windows device using Autopilot, this ESP profile will be visible.
Enrollment Status Page tracking information:-
The ESP shows 3 phases to monitor Autopilot progress.
Intune Enrollment Status Page Configuration : Fig-10
- Phase: Device preparation
- Phase: Device setup
- Phase: Account setup
Additionally, we recommend disabling Windows 10 for first logon animation in order to see the speed of first sign-in up. Because the ESP also bypasses the first logon animation.
Please refer the below OMA URI
| Name | Disable first sign-in animation | | OMA-URI | ./Device/Vendor/MSFT/Policy/Config/WindowsLogon/EnableFirstLogonAnimation | | Value type | Integer | | Value | 0 |
The process was simplified in this guide for Intune ESP configuration. By using this handbook as a starting point, you will be able to maximize the benefits of this powerful tool – from the basics of ESP to advanced configuration tips and best practice. Keep it in mind that a key aspect of today’s organization has to do with the proper management of enrolling devices. And with Microsoft Intune ESP you will be able to guarantee hassle-free and secured process for your clients/users.
This video will explain you how to decode the Windows Enrollment Status Page. This video is particularly useful for troubleshooting Autopilot deployed by Microsoft Intune.
You can also read: Best Guide to Enable Windows Autopilot Time Sync