Windows Autopilot is a modern way of OS deployment which doesn’t require IT Pros customize OS images & other settings and deploy to the machines. It’s a cloud based solutions and it takes few simple steps to configure and ready for production use. In this post, I have shared my experience in Configuring Windows Autopilot via Intune.
- Preparation of Azure Active Directory
- Preparation of Microsoft Intune
- Enroll Windows 10 Device into Windows AutoPilot
- Azure AD Premium P1 or P2
- Users must be allowed to join devices into Azure AD
- Microsoft Intune to manage your devices
- Devices must have access to the internet
- Devices with Windows 10 version 1703 or later
- Devices must be registered to the organization
Preparation of Azure Active Directory:
Login into Azure AD Portal and activate Enterprise Mobility + Security E5 license which includes Azure Active Directory Premium in the Azure Active Directory. Create a user and assign Enterprise Mobility + Security E5 license so that they can enroll the devices.
Configure Device settings for users to join devices into Azure AD.
Configure Company branding settings to appear during OOBE screen and save the settings.
Enable MDM Auto enrollment in Azure AD in order for devices to auto enrolled with Microsoft Intune as well.
Preparation of Microsoft Intune
In Microsoft Intune, you need to specify MDM authority whether Microsoft Intune or Configuration Manager Once you selected, you can see as like below.
Under Device Enrollment – Windows Enrollment ,Configure Enrollment status Page(Preview) and assign it to all users, it will show the assigned apps & profiles statuses during initial device startup.
Under Device Enrollment – Windows Enrollment, Configure Windows Autopilot deployment profile to assign to the device. Click on Create profile.
Choose Deployment mode, Join to Azure AD & configure OOBE experience to hide EULA & privacy settings so users will not get EULA, privacy settings during initial device setup and click on save. Now, the Windows Autopilot Deployment profile has been created and will assign the profile to device group.
I have assigned Windows AutoPilot deployment profile to AutoPilot device group.
Enroll Windows 10 machine into Windows Autopilot
We need to get the device information and upload into Microsoft store for business or Microsoft Intune. Open powershell as administrator on the machine and run the below command lines one by one and the result will be generated in the csv file. It contains Device Serial Number, Windows Product ID, Hardware Hash information.
- Save-Script -Name Get-WindowsAutoPilotInfo -Path C:\Windows\Temp
- Install-Script -Name Get-WindowsAutoPilotInfo
- Get-WindowsAutoPilotInfo.ps1 -OutputFile C:\Windows\Temp\MyComputer.csv
Next, please upload Mycomputer.csv file in the Microsoft store for business. Click Add devices and browse the csv file and select No, thanks. AutoPilot deployment group will be assigned in Microsoft Intune.
The below screenshot has taken once the device uploaded into Microsoft store for business.
This device information will be synced in Azure Active Directory & Microsoft Intune and then add into Windows Autopilot device group in AAD. The below screenshot shows the device has assigned with Windows Autopilot profile but not enrolled yet.
If you are using Hyper-v virtual machine, you need to reset the device(settings-> Recovery-> Reset this PC) and choose remove files and cleanup option. Once the device restarts, you can proceed with enrollment. I have put the enrollment experience in the video and please watch it.
Device will set to Enrolled status after device enrollment completed successfully
Thanks for reading this post 🙂