Close Menu
Peter Klapwijk – In The Cloud 24-7Peter Klapwijk – In The Cloud 24-7
    Facebook X (Twitter) Instagram
    Peter Klapwijk – In The Cloud 24-7Peter Klapwijk – In The Cloud 24-7
    • Home
    • Intune
    • Windows
      • Modern Workplace
    • macOS
    • Android
    • iOS
    • Automation
      • Logic Apps
      • Intune Monitoring
      • GitHub
    • Security
      • Passwordless
      • Security
    • Speaking
    • About me
    Peter Klapwijk – In The Cloud 24-7Peter Klapwijk – In The Cloud 24-7
    Home»Intune»Windows Autopilot: You`re about to be signed out
    Intune

    Windows Autopilot: You`re about to be signed out

    Peter KlapwijkBy Peter KlapwijkSeptember 13, 2019Updated:March 19, 2021182 Mins Read

    Again a small post about Windows Autopilot, like my last post, to share some information we noticed in the field.
    This week my colleague André and I set up a Dev tenant which also involved deploying devices into Azure AD and Microsoft Intune. During our testing we applied and changed a lot of settings in the configuration profiles applied to Windows 10 devices. During some device enrollment testing my colleague noticed a message during the enrollment phase (we enabled the Enrollment Status Page in Intune) of one of the Windows 10 machines. After a few minutes he received a pop-up with the message: You`re about to be signed out. Windows will shutdown in 10 minutes.

    And indeed, while apps were being installed the device was rebooted and than returned back in the deployment stage.
    When this happens during the installation of apps, this could result in app install failures and in the worst case the enrollment got timed out and fails. Or when the enrollment is successful within these 10 minutes, the user is signed out and the device rebooted a few minutes after his first logon.

    It took quite some time for my colleague (all credits to him 🙂 ) to notice the setting which caused this behavior. This behavior is caused by enabling Windows Defender Application Control in the endpoint protection policy in Intune. We enabled Application Control in audit mode which caused this behavior.

    After setting this setting back to Not configured, the message was not shown anymore during Autopilot enrollment.
    The reason for the reboot is that Windows Defender Application Control needs Hyper-V to function and as soon as Hyper-V is enabled, a reboot is scheduled.


    This behavior is confirmed by Microsoft as a known issue, the solution (or workaround) is to use a custom policy which is described here.

    Autopilot Azure AD EMS Intune MEM Microsoft 365 Microsoft Endpoint Manager WD ATP Windows10
    Share. Facebook Twitter LinkedIn Email WhatsApp
    Peter Klapwijk
    • Website
    • X (Twitter)
    • LinkedIn

    Peter is a Security (Intune) MVP since 2020 and is working as Modern Workplace Engineer at Wortell in The Netherlands. He has more than 15 years of experience in IT, with a strong focus on Microsoft technologies like Microsoft Intune, Windows, and (low-code) automation.

    Related Posts

    Setup a Windows 10 Multi App Kiosk device with Microsoft Intune

    August 6, 2019

    Setup a Windows 10 kiosk device using Intune and AutoPilot

    May 4, 2019

    Easily deploy Office Pro Plus with Intune

    July 25, 2017
    View 18 Comments

    18 Comments

    1. JF on October 30, 2019 09:42

      Thnak you for this!

      Reply
    2. Ewan Monro on March 10, 2020 09:55

      Any update on this? I’m still seeing this behaviour, is it only with Audit Mode enabled?

      Reply
      • Peter Klapwijk on March 18, 2020 16:17

        I don`t know of any update this.

        Reply
      • Wilson on October 6, 2020 22:11

        The MS engineer said whether it’s on Audit Mode or Enabled fully, it will cause reboots! If no need to use it he said leave it as not configured

        Reply
    3. crshovrd on April 5, 2020 22:14

      This is an incredible find. I can tell you it’s still an issue in April of 2020. Thank you!

      Reply
      • Wilson on October 6, 2020 22:10

        still an issue in October 2020 haha

        Reply
        • Simon Griffiths on September 21, 2022 16:52

          September 2022 checking in and still happening!

          Reply
    4. Wilson on October 6, 2020 22:10

      Great article, this is was helpful, after dealing with several engineers at Microsoft no one had a clue why our devices were restarting every time it was enrolled onto this policy or we made a policy change.

      Microsoft support is ridiculous. The first engineer claimed Intune does not cause this and the second engineer on the escalation team claimed it wasn’t his expertise and doesn’t see why Intune would do this. It took a third engineer to confirm this was causing a reboot and still no fix a year later from this article! This seemed to resolve our issue too.

      Reply
      • Peter Klapwijk on October 8, 2020 07:52

        The solution (or workaround) is to use a custom policy as described here https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-application-control/deploy-windows-defender-application-control-policies-using-intune#using-a-custom-oma-uri-profile

        Reply
    5. James on October 7, 2020 21:42

      We also had this same issue!

      Support said no ETA for this fix but can submit here https://microsoftintune.uservoice.com/forums/291681-ideas/suggestions/40576504-configuration-profile-for-endpoint-protection-forc

      Reply
    6. John on March 29, 2021 15:45

      The Deploying Policies section of the workaround for 1903+ devices states:

      “Know a generated policy’s GUID, which can be found in the policy xml as ”

      Where do you get info policy GUID / info from Intune?

      Reply
    7. Yura Z on May 11, 2021 11:40

      A word of warning, when you apply this policy it will force all of your users to reboot in 10min

      Reply
    8. Tommy Nielsen on May 28, 2021 23:09

      Also enabled this months ago and all 400+ laptops rebooted while users was in teams meetings. Bad day at the office.

      Since then we have had to live with the forced reboot during Autopilot leaving us in endless loop for selecting region and language. Only a hard reboot gets us out of the loop and Autopilot can continue. Waste of time. But I just tested something and seems to work during autopilot: When the 10 min reboot message pops up during autopilot then press SHIFT+F10 to bring up command prompt. Then run the command SHUTDOWN -a and the reboot will be aborted.

      Reply
    9. Jeroen on November 25, 2021 16:44

      Thanks Peter! Now I know where this is coming from!

      Reply
    10. Nathan Ricker on January 27, 2022 10:29

      I do not know about this, today I found out through your post. Thank you very much for the detailed analysis and step-by-step instructions.

      Reply
    11. niels m on March 2, 2022 16:02

      how did you found this out?
      Can you elaborate? I had the same issue today..

      Took me ages to find out what was what, in the end I found out why due to your blog (thanks for that)
      Are there any go to log files to consult or did you guys did a trace back of changes ?

      Reply
      • Peter Klapwijk on March 2, 2022 21:22

        It was more thinking of which policy settings we added recently and discussing which type of policy could cause the reboot and than do some testing on these policy settings. It also took us quite some time. To avoid this for others I shared it in this post 🙂

        Reply
    12. Adam Kuhn on February 6, 2023 04:20

      Any new information on this issue? I do not have the above config for Endpoint protection in my device config profile – but I still have the signing off in 10 minutes message. I would like to make it go away so that I could auto-install more on first login without worrying about interrupting installations.

      Reply
    Leave A Reply Cancel Reply

    Peter Klapwijk

    Hi! Welcome to my blog post.
    I hope you enjoy reading my articles.

    Hit the About Me button to get in contact with me or leave a comment.

    Awards
    Sponsor
    Latest Posts

    Hide the “Turn on an ad privacy feature” pop-up in Chrome with Microsoft Intune

    April 19, 2025

    How to set Google as default search provider with Microsoft Intune

    April 18, 2025

    Using Windows Autopilot device preparation with Windows 365 Frontline shared cloud PCs

    April 13, 2025

    Using Visual Studio with Microsoft Endpoint Privilege Management, some notes

    April 8, 2025
    follow me
    • Twitter 4.8K
    • LinkedIn 6.1K
    • YouTube
    Tags
    Administrative Templates Android Automation Autopilot Azure Azure AD Browser Conditional Access Edge EMS Exchange Online Feitian FIDO2 Flow Google Chrome Graph Graph API Identity Management Intune Intune Monitoring iOS KIOSK Logic Apps macOS MEM MEMMonitoring Microsoft 365 Microsoft Edge Microsoft Endpoint Manager Modern Workplace Office 365 OneDrive for Business Outlook Passwordless PowerApps Power Automate Security SharePoint Online Teams Windows Windows 10 Windows10 Windows 11 Windows Autopilot Windows Update
    Copy right

    This information is provided “AS IS” with no warranties, confers no rights and is not supported by the authors, or In The Cloud 24-7.

     

    Copyright © 2025 by In The Cloud 24-7/ Peter Klapwijk. All rights reserved, No part of the information on this web site may be reproduced or posted in any form or by any means without the prior written permission of the publisher.

    Shorthand; Don’t pass off my work as yours, it’s not nice.

    Recent Comments
    • Peter Klapwijk on Using Windows Autopilot device preparation with Windows 365 Frontline shared cloud PCs
    • John M on Using Windows Autopilot device preparation with Windows 365 Frontline shared cloud PCs
    • Christoffer Jakobsen on Connect to Azure file shares with Microsoft Entra Private Access
    • Ludo on How to block Bluetooth file transfer with Microsoft Intune
    • RCharles on Automatically configure the time zone (during Autopilot enrollment)
    most popular

    Application installation issues; Download pending

    October 1, 2024

    Restrict which users can logon into a Windows 10 device with Microsoft Intune

    April 11, 2020

    How to change the Windows 11 language with Intune

    November 11, 2022

    Update Microsoft Edge during Windows Autopilot enrollments

    July 9, 2024
    Peter Klapwijk – In The Cloud 24-7
    X (Twitter) LinkedIn YouTube RSS
    © 2025 ThemeSphere. Designed by ThemeSphere.

    Type above and press Enter to search. Press Esc to cancel.

    Manage Cookie Consent
    To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
    Functional Always active
    The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
    Preferences
    The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
    Statistics
    The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
    Marketing
    The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
    Manage options Manage services Manage {vendor_count} vendors Read more about these purposes
    View preferences
    {title} {title} {title}