Known Issue: Some device config settings are not being applied correctly after Windows 11 feature update was installed

This issue is mainly affecting classroom and lab computers with shared PC mode enabled, where local storage was disabled and account management was enabled via the device configuration profile in Endpoint Manager. Affected devices have been joined to Azure AD as Windows 10 devices, and then Windows 11 feature update was applied on them. Devices that have been updated to Windows 11 or shipped with Windows 11 and then joined to Azure AD are not affected.

Prior to Windows 11 feature update installation, when users logged into Windows on these devices they were only able to see the Downloads folder but now are able to see and save to the local C: drive. In addition, Windows profiles of users who signed into these machines in the past as well as multiple guest account profiles were no longer being deleted when disk space gets low. As a result, some computers ran out of free space.

At this time, the only way to resolve this issue is to disconnect the affected device from Azure AD and then re-join it back to Azure AD following steps below. Do not proceed, if you do not have the password for the local admin account.

  1. Sign into Windows on the affected device using local admin account.
  2. Go to Windows Settings > Accounts > Access work or school
  3. Click on Connect by section to expand it. 
  4. Click on Disconnect
  5. Click Yes when prompted with Are you sure.. message
  6. You will be asked to confirm the password for the local admin account. Enter login name in this format .\login and a corresponding password
  7. Proceed to reboot the computer when prompted.
  8. When reboot is completed, sign back into Windows using local admin account.

You will not need to delete anything in Endpoint Manager or Azure portals. If you have physical access to this computer you can re-join it back to Azure AD using the latest provisioning package file on a USB stick. Otherwise, follow these steps:

  1. Go to Windows Settings > Accounts > Access work or school
  2. Click on Connect
  3. Click on Connect to Azure AD
  4. Enter your account credentials {uwinid}@uwindsor.ca / {password}
  5. Click Yes to confirm
  6. Once prompted, sign out from Windows and sign back in using your credentials.
  7. Wait 5-10 minutes for device config profiles and policies to be pushed to the device and verify that local storage is now disabled.
  8. Reboot the computer
  9. Go to All Devices report in Endpoint Manager and find then open this device's profile.
  10. Click on Properties
  11. Click on Remove primary user
  12. Click on Save

Details

Article ID: 148733
Created
Sat 1/21/23 2:54 PM
Modified
Sat 1/21/23 4:03 PM

Related Articles (1)

Classroom Computers
Most of the classrooms on campus are equipped with a PC that is connected to the audio-visual equipment such as a projector and/or sound system. In order to sign into Windows on those computers, class instructors need to us their UWin Account.