If you produce or install a lot of Embedded systems, which means that you would more or less act as a OEM, everything is about efficiency. As soon as every small configuration step gets multiplied by 1000 or even higher numbers, it is starting to get expensive. Due to this, from an OEM perspective less is more.
Looking at operating system images having too many different of them can get expensive, too, as soon as they need to be maintained.
As a response to these scenarios the Audit System and AuditUser configuration passes have been introduced by Microsoft. The concept is to start with a very basic image containing only absolutely required drivers. The other drivers special to a target system are added during installation of the base image by selecting a suiting answer file. Binaries get picked up from a directory at the time the answer file is worked down during the audit phases.
The AuditSystem pass often is used to install drivers or other components close to the system, while AuditUser provides a maintenance window to everything that needs to be related to a certain User’s context, for example applications or utilities. Due to this, a manual user logon on may be requested by the system during this phase.
However, the rest of the configurations / installations run synchronously or asynchronously as configured in the answer file and in an unattended fashion.
The good thing about this approach is that any changes can be tested and checked after the Audit passes without spoiling the image by automatically specializing or resealing it.
If you want to use the Audit mechanisms be aware that they are optional and need be be explicitly invoked by calling sysprep /audit, or sysprep /generalize /audit.
There is also one other thing to remember. If you one is using the Reseal section in the unattended answer file, it is good to have a closer look at this comparison table on MSDN to understand the different effects the settings may produce.