Windows Autopilot has increased popularity over the past 3 years since its release in 2017. As a consultant within the Microsoft Cloud space, I had more conversations with customers about how Autopilot can change who they deploy Windows 10 devices to their end-users.
Being able to deliver a brand new Windows 10 device from the OEM Factory to the end-users desk that is already configured with all the required security policies and applications has to be the biggest selling point.
This post is how we can move to Windows Autopilot in 3 easy steps;
Step 1 – Register Devices
Option 1 – (Recommended) Have devices registered automatically;
– Request clean images, choice of Windows 10 version at the same time (if available) not all OEM vendors are able to provide clean images. A useful workaround for this is getting a Windows 10 script I have seen available to remove bloatware. If you haven’t seen it I have dropped a copy on GitHub.
– Specify group tag to help segment device by purpose (depending on the size of your organisation this may not be a requirement)
-Device are automatically tagged with purchase order ID
Option 2 – (Recommended for Piloting) Register devices yourself via Intune for testing and evaluation using Get-WindowsAutopilotInfo PowerShell script created by Microsoft.
Once you have the required CSV file from executing the script you can manually register the device.
Option 3 – Register (harvest) existing Intune-managed devices automatically. If you are an organisation that has already enrolled your Windows 10 devices into Microsoft Intune you can register all devices for Windows Autopilot.
Step 2 – Assign a profile
– Select profile scenario (user-driven or self-deploying)
– Configure required settings
-Assign to Azure AD group so Intune will automatically assign to all devices in that group. (I am a big fan of dynamic groups)
Use a dynamic Azure AD group to automate this step
– Consider static Azure AD groups for exceptions
Coming soonAzure Hybrid AD join for devices that dont have line of sight to a domain controller, this is currently in testing and will use a VPN to call home. The support has been built into Windows 10 1909.
Step 3 – Deploy
Boot up the device or devices
Connect to a network either wired or wireless
Enter credentials if required (credentials not required for self-deployment profiles)
The device will now go away and provision based on your configuration within Microsoft Endpoint Manager, once complete all that is left to say is…
Welcome to Windows Autopilot!!! I will be writing a more in-depth post about Autopilot soon because off the configuration I am currently using for my home devices.
The Author – Blogabout.Cloud