Yet another post about Windows AutoPilot…

So, what is Windows AutoPilot? Windows autopilot is a collection of technologies designed to simplify and modernize the deployment and management of your new and existing Windows 10 devices. You can customize the Out of Box Experience (OOBE) with fewer clicks, company brand it and force users to be standard users instead of administrators on their devices. As it is a cloud service you don’t need any extra infrastructure to set it up and IT doesn’t need to be involved with setting up brand-new devices.

 

Its basically Microsoft’s equivalent of Apples Device Enrollment Program (DEP) if you are familiar with it.

 

What do you need to setup Windows AutoPilot?

Prerequisites

  • Azure Active Directory P1 or P2
  • Company Branding need to be configured in Azure Active Directory (Optional)
  • Azure AD configured for MDM auto enrollment.
  • Hardware IDs registered with AutoPilot profile assigned in Microsoft Store for Education/Business
  • Intune or other MDM services
  • Device need to be installed with Windows 10 1703 with the July update or later
  • Internet access in OOBE

 

Let’s take a look on how to collect hardware id’s and later import them into AutoPilot.

In this example I will collect a hardware ID from my virtual machine using the WindowsAutoPilotInfo script from the Powershell Gallery

Open Powershell as administrator and execute the following command:

Install-Script -Name Get-WindowsAutoPilotInfo


Accept the warning about PATH environment variable change

 


Accept the NuGet provider

 


And finally accept the PSGallery repository

Now, lets run the script.

Execute the following command:

Set-ExecutionPolicy bypass

Accept the Execution Policy Change prompt. It allows us to run the Get-WindowsAutoPilotInfo script. Now choose/make a directory where you want to save your collected AutoPilot info. Now execute:

Get-WindowsAutoPilotInfo.ps1 -ComputerName $env:computername -OutputFile .AutoPilotInfo.csv

The script will generate a .CSV file that should look something like this.

Now that we have generated the info we want, we can add this info to our tenant. We can do this in the Microsoft store for Education/Business or in the Intune portal. In this example I will use the Microsoft store.

Protip: I won’t recommend using the Intune portal at this time as I have seen some strange behavior when importing the CSV files. For example I cannot remove some devices that I added previously.

Log on to your Microsoft store for Education/Business and select devices

 

Then click Add Devices

 

Select your AutoPilotInfo.csv file and click open.

Protip: Create a AutoPilot deployment group, you can name it whatever you want. This will make it easier to deploy AutoPilot profiles to several devices at the same time.

Now wait a few seconds..

 

When your done you will see your device in the list like this:

 

Now lets create a AutoPilot deployment profile for us to deploy to our newly imported device.

 

Customize the settings to your needs. In this example I will create a new AutoPilot profile called “TESTVM” i want to skip the privacy settings, disable local admin account creation on the device and skip the EULA.

Now let us assign the AutoPilot deployment profile we just made to our device.

Select your device from the list

Now select the profile we just created.

Now you can see from the list that the AutoPilot deployment profile has been added to the device.

For the end user OOBE will look like this when they enroll their Windows 10 devices.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s