(175) Microsoft Intune - Windows Autopilot "You're about to be signed out"

We recently onboarded this customer, which currently are on a pilot phase. I discovered this prompt message just after kicking off the ESP, hasn't even finished "Device preparation" and I am already getting prompted to be signed out.

I grabbed the logs, and I couldn't find anything that would be causing an ESP reboot. Then I realised I encountered this a few years ago, and thought it could be related to https://learn.microsoft.com/en-us/windows/client-management/mdm/applocker-csp. Checked the customer's tenant, which they were AppLocker policies but wasn't targeting the pilot devices, which then may we wonder. I went through and excluded all the 'Security Baselines' that were deployed.

As far as I know Applocker and that CSP are deprecated, look to use the AppControl CSP which replaced it and fixes this fault (designed for WDAC) - https://learn.microsoft.com/en-us/windows/client-management/mdm/applicationcontrol-csp

I started to do more digging around the "Endpoint Security", there was nothing in App Control for business, till I found this policy - Application Control under Attack Surface Reduction.

Even though it was set with "Audit Components, Store Apps and SmartLocker" - it still broke the ESP build. So I excluded the pilot group from the device

Re-did the autopilot build, and no more errors which the ESP went through smoothly.