Trying to install BeyondTrust during a Windows Autopilot deployment, the application installs, but it's not fully setup to handle elevation prompts until after a considerable amount of time and a reboot. Is there a guide on how to install Beyond Trust EPM during Autopilot that improves this experience?
Question
Autopilot Provisioning
+1Modern managed devices use Entra ID groups to determine their assigned workstyles. For BeyondTrust to function correctly, the Entra ID group synchronization process must complete. This sync is typically triggered by signing out and back in, rebooting the device, or manually running endpointutility.exe /aad. In environments with a large number of Entra ID groups, additional time may be required for synchronization to finish before BeyondTrust operates as expected.
Hi
I am unaware of the policy configure that is applied to the system, if we have default QS with a few modifications, you should be able to use the Challenge Response code for any initial config. Else wait for the Entra ID sync as Joshs mentioned, takes about 15 min.
https://beyondtrustcorp.service-now.com/csm?id=kb_article_view&sysparm_article=KB0021392
I usually avoid the majority of security apps in my build process, as it typically takes a build from 30+ mins to +hours depending on what you have in the security stack.
This also allows time for Entra ID Group sync etc. to take place and I rarely run into these issue.
KR Jens
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.