Support Tip: Users unable to view passcode setup screen when enrolling devices through ADE

This post has been republished via RSS; it originally appeared at: Intune Customer Success articles.

Yesterday, we posted a known issue in the message center as a follow-up to a service health dashboard post. We're updating this post on 6/10/2021 with some additional information!

 

Follow-up to IT257168 - Users unable to view passcode setup screen when enrolling devices through ADE

We recently posted IT257168 on your service health dashboard dashboard and followed up with MC261345. Customers enrolling devices through Apple Device Enrollment (ADE) discovered that they couldn’t view the passcode screen and therefore setup a passcode during enrollment. Upon investigation with Apple, this is a known issue in the iOS/iPadOS release 14.5 and 14.5.1. There is a workaround, described below.

 

How this will affect your organization:

This will only affect you if you use ADE and configure an iOS/iPadOS ADE setup assistant profile to use the Show Passcode screen as part of the enrollment process. Our testing also indicates that setting a passcode using biometrics during setup assistant may lead to setup not completing successfully, which impacts device reboot behavior and other functionality (see below).

 

What you need to do to prepare:

Updated 6/10: You can workaround the hidden passcode issue by enabling TouchID (also known as biometrics and includes Touch ID and Face ID) to present the passcode prompt.

 

Important: If you are seeing Setup Assistant unexpectedly quit and restart after reboot on devices running iOS/iPadOS 14.5+ during setup, you will need to update every iOS/iPadOS enrollment profile by re-saving the Setup Assistant configuration to get an important fix applied to the profile(s).

 

To apply the fix to your profiles, complete the following steps:
1. Navigate to Microsoft Endpoint Manager admin center, select Devices > iOS/iPadOS > iOS/iPadOS enrollment > Enrollment Program Tokens.
2. Select a token, and then select Profiles.

3. Click on an enrollment profile, click on Properties, and click edit for the Setup Assistant portion of the profile.
4. Click Review and save the configuration.
5. Repeat Step 3 and 4 for each profile.

 

Note: Any existing devices that are already in the Setup Assistant quit and restart loop (or need to be reprovisioned) would need to be wiped and reprovisioned after their profiles have been updated with the above steps.

 

Post updates:
5/19/2021 - updated to not suggest using biometrics as a workaround; updated the IT incident number.

5/20/2021 - updated to clarify the biometrics reference = Touch ID in the Microsoft Endpoint Manager UI.

6/10/2021 - updated to include the MC261345 and additional clarification on remediation.

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.