Uploaded byabhipotdar
PDF, PPTX1,246 views

Windows Autopilot (1).pdf

Windows Autopilot provides three ways to deploy Windows devices: user-driven mode, self-deploying mode, and for existing devices. User-driven mode involves the user authenticating during setup and is for single-user devices. Self-deploying mode requires no user interaction during setup and is for shared, kiosk, or digital signage devices. For existing devices, Windows 7 can be upgraded to Windows 10 via a task sequence, and the device will then proceed through the Windows Autopilot user-driven process on first boot to join Azure Active Directory.

Embed presentation

Download as PDF, PPTX
Windows Autopilot
Traditional Windows deployment // The old way Build a custom image, gathering everything else that’s necessary to deploy Time means money, making this an expensive proposition Deploy image to a new computer, overwriting what was originally on it DRIVERS POLICIES OFFICE & APPS SETTINGS
Modern Windows deployment // The new way Un-box and turn on off-the-shelf Windows PC Device is ready for productive use Transform with minimal user interaction
Key Benefits: No more maintenance of images and drivers No need for IT to touch the devices Simple process for users and IT Integration in the device supply chain Reset device back to a business ready state Device lifecycle management with Windows Autopilot and Intune Business ready Break fix Retirement Management Procurement Deployment
OEM-optimized Windows 10 + Software + Settings + Updates + Features + User data Ready for productive use The transformation
Windows Autopilot deployment Three simple steps Register devices Assign an Autopilot profile to the devices Ship the device to the user Cloud driven
Administering Windows Autopilot Microsoft Store for Business Microsoft Intune Partner Center Microsoft 365 Business
Step 1. Registering devices
OEMs, distributors, and resellers make the process easy: • Automatically add new devices to Azure tenant at time of shipment • Associate devices to customer’s purchase order for easy device grouping • Tag devices with a customer specified label • Provide an preinstalled image that is ready for configuration* For a list of those supporting Windows Autopilot supply chain integration please visit: https://aka.ms/WindowsAutopilot Registering new devices Supply chain integration
If you have existing Windows 10 devices: • Enable new Autopilot profile setting for all targeted devices • Ensure the Autopilot profile is assigned to a group containing the existing Windows 10 devices If your existing Windows 10 devices are not yet Intune- managed: • Enable co-management with ConfigMgr via the “Automatic enrollment into Intune” setting. (See https://docs.microsoft.com/en- us/sccm/core/clients/manage/co-management-overview#enable-co-management) • Ensure all new Intune-enrolled Windows 10 devices are part of a group with an assigned Autopilot profile Registering existing devices Automatically for all Intune-managed Windows 10 devices
To register existing devices: • Use the PowerShell script available at https://www.powershellgallery.com/packages/Get- WindowsAutoPilotInfo • Run for each device (requires Windows 10 1703 or higher) • Upload resulting CSV file via Intune portal • See https://docs.microsoft.com/en- us/windows/deployment/windows-autopilot/add- devices#collecting-the-hardware-id-from-existing-devices- using-powershell for more information Great for testing and validation with existing devices and virtual machines Registering existing devices Manually for existing devices
Step 2. Assign profile
Configure important details: • Deployment mode • Specific settings required for the deployment mode • New! BitLocker encryption even for non-admin users (requires Windows 10 1809) • Out-of-box experience (OOBE) settings • New! Hide change account options (requires Windows 10 1809) • New! Device naming pattern, supporting variable substitution (requires Windows 10 1809): • %SERIAL% • %RAND:x% (where X is the number of digits) Creating an Autopilot profile
If you have existing Windows 10 devices: • An Azure AD device object is automatically created for each imported Autopilot device • Create one or more Azure AD groups • Assign an Autopilot profile to the Azure AD group • Intune will automatically assign the profile to all members of the assigned group Options for grouping: • Dynamic group with all Autopilot devices • Dynamic group based on purchase order ID • Dynamic group based on device tag (orderID) • Manual Assigning an Autopilot profile Automated using groups
Step 3. Deploy!
Windows Autopilot overview Configure Windows Autopilot profile Self-service deploy DeviceIDs Hardware Vendor IT Admin Ship Deliver direct to Employee Employee unboxes device, self-deploys Intune Windows Autopilot Device sync Autopilot profile sync
Windows 10 version 1703 or higher One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot- requirements-licensing
Azure Active Directory https://docs.microsoft.com/en-us/intune/windows- enroll#enable-windows-10-automatic-enrollment https://docs.microsoft.com/en-us/azure/active- directory/fundamentals/customize-branding Intune: https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot- requirements-configuration
Ensure policies, apps and settings are complete prior to the end user gaining access to the desktop Confirm minimum baseline requirements Protect data during device set up Deliver a compliant secure device Personalize the out of box experience New! Unlock Windows 10 in S mode (requires Windows 10 1809) Requirements Windows 10, version 1803 (with May cumulative update or later) Azure Active Directory Premium Microsoft Intune Windows Autopilot Enrollmentstatuspage
Scenarios
AVAILABLE in 1809 AVAILABLE in 1809 AVAILABLE in 1809 AVAILABLE in 1809 AVAILABLE AVAILABLE Windows Autopilot Scenarios User-driven mode Windows 10 1703 and above Join device to Azure AD, enroll in Intune/MDM Windows Autopilot for existing devices Windows 10 1809 and above Windows 7 to Windows 10 ConfigMgr task sequence, followed by Windows Autopilot user-driven mode Self-deploying mode Windows 10 1809 and above No need to provide credentials, automatically joins Azure AD Hybrid Azure AD join Windows 10 1809 and above Join device to AD, enroll in Intune/MDM Windows Autopilot reset - local Windows 10 1709 and above Execute a device reset via a local keystroke, maintaining Azure AD join and MDM enrollment Windows Autopilot reset - remote Windows 10 1809 and above Execute a device reset via Intune and maintain Azure AD join and MDM enrollment
User-driven deployment with Azure AD
Windows Autopilot User-Driven Mode Pre-requisites Windows 10 version 1703 or higher For the maximum functionality, use the latest Windows 10 release One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: Microsoft 365 Business subscriptions Microsoft 365 F1 subscriptions Microsoft 365 Enterprise E3 or E5 subscriptions, which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune) Enterprise Mobility + Security E3 or E5 subscriptions, which include all needed Azure AD and Intune features Azure Active Directory Premium P1 or P2 and Intune subscriptions (or an alternative MDM service) See https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows- autopilot-requirements-licensing for more information
Design notes Should be done by the end user User authenticates with Azure AD from the start Choose between admin and non-admin Typically for single-user (not shared) devices
It should be as easy as Registering your device with Autopilot Assigning a User-Driven Autopilot Profile using Intune Connecting to a network and booting your device Authenticating with user credentials
Simple process to prepare a device for a different purpose: Remove all apps, settings, and personal files Preserve Azure Active Directory join and MDM enrollment so the device is still managed Preserves provisioning packages Keeps keyboard, language, wi-fi settings* Takes 20-30 minutes to complete on typical hardware Windows Autopilot Reset (previously Windows Automatic Redeployment) Local • Windows 10 1709 and above • Initiated by an admin via Windows-Control-R keystroke from lock screen Remote • Windows 10 1809 and above • Initiated remotely via Intune
Self-deploying mode
VDI clients Digital signage Single app kiosk Multi app kiosk Shared PC How would you use Autopilot to deploy…
Design notes Technicians usually set up these types of devices No defined user to auth or set up the device May not have peripherals (keyboards, mice, etc.) Typically involve “walk up and use” scenarios
It should be as easy as Registering your device with Autopilot Assigning a Self-Deploying Autopilot Profile using Intune Connecting to a network and booting your device
Windows Autopilot overview Configure Windows Autopilot profile Self-service deploy DeviceIDs Hardware Vendor IT Admin Ship Deliver direct to Employee Employee unboxes device, self-deploys Intune Windows Autopilot Device sync Autopilot profile sync
Windows Autopilot Self-Deploying Mode Pre-requisites Windows 10 version 1809 or higher running on a device with TPM 2.0 One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: Microsoft 365 Business subscriptions Microsoft 365 F1 subscriptions Microsoft 365 Enterprise E3 or E5 subscriptions, which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune) Enterprise Mobility + Security E3 or E5 subscriptions, which include all needed Azure AD and Intune features Azure Active Directory Premium P1 or P2 and Intune subscriptions (or an alternative MDM service) See https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows- autopilot-requirements-licensing for more information
for existing devices
January 14, 2020
Windows Autopilot
Design notes Upgrading the OS is just part of the problem Need to migrate user data from Win7 to Win10 Unable to harvest hardware hashes in Win7
Here’s how it works Deploy group policy to redirect Known Folders to OneDrive Generate Autopilot Reuse configuration file Deploy Task Sequence to upgrade to Windows 10 Windows 10 machine goes through Autopilot on first boot
Windows Autopilot for existing devices Prerequisites: Windows 10 1809 and above Azure Active Directory Premium Microsoft Intune System Center Configuration Manager current branch (TBD) Steps: 1. Create task sequence to deploy generic Windows 10 image with needed drivers (wipe-and-load) 2. Migrate data to OneDrive for Business (in advance) 3. Deploy task sequence to existing Windows 7 devices, installing Windows 10 and proceeding through Windows Autopilot user- driven process to join device to Azure AD
Windows Autopilot (1).pdf
Windows Autopilot (1).pdf
Windows Autopilot (1).pdf

More Related Content

PPTX
End to End Guide Windows AutoPilot Process via Intune
byAnoop Nair
 
PDF
Microsoft Intune - Global Azure Bootcamp 2018
byJoTechies
 
PPTX
Modernise your Windows 10 deployment with Windows Autopilot
byAndrew Bettany
 
PPTX
Modern deployment with Autopilot and Azure AD
byFabian Niesen
 
PPTX
Get started with Windows AutoPilot Deployment
byMicrosoft
 
PPTX
5 modern desktop - windows autopilot
byAndrew Bettany
 
PPTX
EPC Group Intune Practice and Capabilities Overview
byEPC Group
 
PPTX
Managing iOS with Microsoft Intune
bySimon May
 
End to End Guide Windows AutoPilot Process via Intune
byAnoop Nair
 
Microsoft Intune - Global Azure Bootcamp 2018
byJoTechies
 
Modernise your Windows 10 deployment with Windows Autopilot
byAndrew Bettany
 
Modern deployment with Autopilot and Azure AD
byFabian Niesen
 
Get started with Windows AutoPilot Deployment
byMicrosoft
 
5 modern desktop - windows autopilot
byAndrew Bettany
 
EPC Group Intune Practice and Capabilities Overview
byEPC Group
 
Managing iOS with Microsoft Intune
bySimon May
 

What's hot

PDF
Windows Autopilot - Workplace Nijna Summmit 2020
byRonni Pedersen
 
PPTX
Intune Concept.pptx
byjmbrrvgzhr
 
PPTX
Enterprise Mobility Suite-Microsoft Intune
byLai Yoong Seng
 
PPTX
Windows intune
byIron Cove Solutions
 
PDF
Modern Devices Management
byAtanas Gergiminov
 
PDF
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
byDavid J Rosenthal
 
PPTX
Microsoft intune
byManishKumar959920
 
PPTX
SpiceWorks All Access IT 2019 Windows Autopilot
byAndrew Bettany
 
PPTX
Microsoft Intune-Windows Hello-Presentation
byfirassaltal
 
PDF
Microsoft 365 Security and Compliance
byDavid J Rosenthal
 
PDF
Microsoft 365 eEnterprise E5 Overview
byDavid J Rosenthal
 
PDF
Microsoft Cloud App Security
byMicrosoft
 
PPTX
M365 e3 and identity and threat protection and compliance new skus
bySpencerLuke2
 
PDF
Microsoft 365 Security Overview
byRobert Crane
 
PDF
Mobile Device Management for Office 365 - Atidan
byDavid J Rosenthal
 
PDF
A Secure Journey to Cloud with Microsoft 365
byDavid J Rosenthal
 
PPTX
Sccm 2012
byebuc
 
PPTX
2 Modern Security - Microsoft Information Protection
byAndrew Bettany
 
PPTX
10 Benefits of Mobile Device Managment
byMTG IT Professionals
 
PPTX
Microsoft Purview Overview Deck.pptx is for Microsoft Purview
byahsanf1
 
Windows Autopilot - Workplace Nijna Summmit 2020
byRonni Pedersen
 
Intune Concept.pptx
byjmbrrvgzhr
 
Enterprise Mobility Suite-Microsoft Intune
byLai Yoong Seng
 
Windows intune
byIron Cove Solutions
 
Modern Devices Management
byAtanas Gergiminov
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
byDavid J Rosenthal
 
Microsoft intune
byManishKumar959920
 
SpiceWorks All Access IT 2019 Windows Autopilot
byAndrew Bettany
 
Microsoft Intune-Windows Hello-Presentation
byfirassaltal
 
Microsoft 365 Security and Compliance
byDavid J Rosenthal
 
Microsoft 365 eEnterprise E5 Overview
byDavid J Rosenthal
 
Microsoft Cloud App Security
byMicrosoft
 
M365 e3 and identity and threat protection and compliance new skus
bySpencerLuke2
 
Microsoft 365 Security Overview
byRobert Crane
 
Mobile Device Management for Office 365 - Atidan
byDavid J Rosenthal
 
A Secure Journey to Cloud with Microsoft 365
byDavid J Rosenthal
 
Sccm 2012
byebuc
 
2 Modern Security - Microsoft Information Protection
byAndrew Bettany
 
10 Benefits of Mobile Device Managment
byMTG IT Professionals
 
Microsoft Purview Overview Deck.pptx is for Microsoft Purview
byahsanf1
 

Similar to Windows Autopilot (1).pdf

PPTX
MD-102T00-Exxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx .pptx
bymloga861
 
PPTX
Microsoft 365 Endpoint Administrator Presentation
byHamzaShafiq57
 
PDF
Llunitebe2018 implement modern management as like brewing a beer
byKenny Buntinx
 
PPTX
Microsoft 365 UG Windows Autopilot 1st May 2019
byAndrew Bettany
 
PPTX
Short and brief information about Windows Autopilot
bynewtoknow techs
 
PDF
MCT Global Summit 2018 - AutoPilot - The power of user-based deployment
byFabian Niesen
 
DOCX
Windows Autopilot & Microsoft Intune_ Key Features, Benefits, and Drawbacks.docx
byEnterprise Laplink
 
PPTX
Windows 10 Autopilot #BITPro User Group Event
byAnoop Nair
 
PDF
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
byAlexander Benoit
 
PPTX
MS Experiences 2017 - Mise en œuvre du concept de Modern IT ou comment vous s...
byMaelle Glemarec
 
PDF
Modern Desktop Management Series Sessions
byssuserea3aad1
 
PPTX
Security at the endpoint or flying by autopilot
byOwen Allen
 
PDF
Device Setup with Zero-Touch Deployment for Windows 10 and 11.pdf
byIT Partner
 
PPTX
Understand_device_management_using_Microsoft_Intune_(1)[1].pptx
byAsif Alam
 
PPTX
SCUGDK 1803 Windows Autopilot
byPer Larsen
 
PDF
Ngn ngi windows 10 beheer
byNgi-NGN Online
 
PDF
828275126-INTUNE-Instructor-Handout-V1-7.pdf
byYohannaMonsalvez1
 
PPTX
Tdswe 1810 learn how to create a secure and modern windows device
byPer Larsen
 
PDF
NGN-NGI Windows 10 Beheer & Uitrol
byRonny de Jong
 
PPTX
Hied device Autopilot in Microsoft inTune
byRafaelw23
 
MD-102T00-Exxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx .pptx
bymloga861
 
Microsoft 365 Endpoint Administrator Presentation
byHamzaShafiq57
 
Llunitebe2018 implement modern management as like brewing a beer
byKenny Buntinx
 
Microsoft 365 UG Windows Autopilot 1st May 2019
byAndrew Bettany
 
Short and brief information about Windows Autopilot
bynewtoknow techs
 
MCT Global Summit 2018 - AutoPilot - The power of user-based deployment
byFabian Niesen
 
Windows Autopilot & Microsoft Intune_ Key Features, Benefits, and Drawbacks.docx
byEnterprise Laplink
 
Windows 10 Autopilot #BITPro User Group Event
byAnoop Nair
 
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
byAlexander Benoit
 
MS Experiences 2017 - Mise en œuvre du concept de Modern IT ou comment vous s...
byMaelle Glemarec
 
Modern Desktop Management Series Sessions
byssuserea3aad1
 
Security at the endpoint or flying by autopilot
byOwen Allen
 
Device Setup with Zero-Touch Deployment for Windows 10 and 11.pdf
byIT Partner
 
Understand_device_management_using_Microsoft_Intune_(1)[1].pptx
byAsif Alam
 
SCUGDK 1803 Windows Autopilot
byPer Larsen
 
Ngn ngi windows 10 beheer
byNgi-NGN Online
 
828275126-INTUNE-Instructor-Handout-V1-7.pdf
byYohannaMonsalvez1
 
Tdswe 1810 learn how to create a secure and modern windows device
byPer Larsen
 
NGN-NGI Windows 10 Beheer & Uitrol
byRonny de Jong
 
Hied device Autopilot in Microsoft inTune
byRafaelw23
 

Recently uploaded

PPTX
"Aristotle : Father Of Western Philosophy"
bymitalbarathod28
 
PDF
Sharad Bisen_Soil Sterilization_Objectives_ICAR Course, Sixth Dean Committee.pdf
bybisensharad
 
PPTX
Definition of communication skills and it's process.
bypurvrajsinhsarvaiya0
 
PPTX
literary theory and criticism by Vivek p
byvivekrathodborda
 
PPTX
Appreciations - Jan 26 01.pptxkkkmmkmkmkmkm
bypreetheshparmar
 
PPTX
West Hatch High School - GCSE Art Presentation
byWestHatch
 
PPTX
How Physician Assistants in the USA Earn CME Credits Online.pptx
byCME4Life
 
PPTX
West Hatch High School: Year 9 Art Course
byWestHatch
 
PPTX
How to Manage Deferred Revenue in Odoo 18 Accounting
byCeline George
 
PPT
West Hatch High School - GCSE History Option
byWestHatch
 
PDF
Bishan_Singh_Presentation - Toba tek Singh
bygopalsinhchauhan9313
 
PPTX
The night at deoli - Ruskin bond's story of first love
byrajibhammar4
 
PPTX
Drug Distribution in Pharmacology: Mechanisms, Barriers, Factors & Volume of ...
byamrin3379
 
PPTX
West Hatch High School - GCSE Spanish Presentation
byWestHatch
 
PDF
West Hatch High School - GCSE Media Specification
byWestHatch
 
PPTX
That long silence - Novel by Shashi Deshapande
bysanjanavaghela65
 
PDF
Unit Plan and Unit Test-pdf-Dr. Rajashekhar Shirvalkar, Principal, SMRS B.Ed ...
byRajashekhar Shirvalkar
 
PPTX
How to Create & Configure Rewards in Odoo 18 Referrals
byCeline George
 
PPTX
Master of Punjabi Short Story "kartar singh duggal
bybhautikbharwad4
 
PDF
Radio Ceylon Finals (An Indian Subcontinent Quiz).pdf
byConquiztadors- the Quiz Society of Sri Venkateswara College
 
"Aristotle : Father Of Western Philosophy"
bymitalbarathod28
 
Sharad Bisen_Soil Sterilization_Objectives_ICAR Course, Sixth Dean Committee.pdf
bybisensharad
 
Definition of communication skills and it's process.
bypurvrajsinhsarvaiya0
 
literary theory and criticism by Vivek p
byvivekrathodborda
 
Appreciations - Jan 26 01.pptxkkkmmkmkmkmkm
bypreetheshparmar
 
West Hatch High School - GCSE Art Presentation
byWestHatch
 
How Physician Assistants in the USA Earn CME Credits Online.pptx
byCME4Life
 
West Hatch High School: Year 9 Art Course
byWestHatch
 
How to Manage Deferred Revenue in Odoo 18 Accounting
byCeline George
 
West Hatch High School - GCSE History Option
byWestHatch
 
Bishan_Singh_Presentation - Toba tek Singh
bygopalsinhchauhan9313
 
The night at deoli - Ruskin bond's story of first love
byrajibhammar4
 
Drug Distribution in Pharmacology: Mechanisms, Barriers, Factors & Volume of ...
byamrin3379
 
West Hatch High School - GCSE Spanish Presentation
byWestHatch
 
West Hatch High School - GCSE Media Specification
byWestHatch
 
That long silence - Novel by Shashi Deshapande
bysanjanavaghela65
 
Unit Plan and Unit Test-pdf-Dr. Rajashekhar Shirvalkar, Principal, SMRS B.Ed ...
byRajashekhar Shirvalkar
 
How to Create & Configure Rewards in Odoo 18 Referrals
byCeline George
 
Master of Punjabi Short Story "kartar singh duggal
bybhautikbharwad4
 
Radio Ceylon Finals (An Indian Subcontinent Quiz).pdf
byConquiztadors- the Quiz Society of Sri Venkateswara College
 

Windows Autopilot (1).pdf

  • 1.
  • 2.
    Traditional Windows deployment// The old way Build a custom image, gathering everything else that’s necessary to deploy Time means money, making this an expensive proposition Deploy image to a new computer, overwriting what was originally on it DRIVERS POLICIES OFFICE & APPS SETTINGS
  • 3.
    Modern Windows deployment// The new way Un-box and turn on off-the-shelf Windows PC Device is ready for productive use Transform with minimal user interaction
  • 4.
    Key Benefits: No moremaintenance of images and drivers No need for IT to touch the devices Simple process for users and IT Integration in the device supply chain Reset device back to a business ready state Device lifecycle management with Windows Autopilot and Intune Business ready Break fix Retirement Management Procurement Deployment
  • 5.
    OEM-optimized Windows 10 +Software + Settings + Updates + Features + User data Ready for productive use The transformation
  • 7.
    Windows Autopilot deployment Three simplesteps Register devices Assign an Autopilot profile to the devices Ship the device to the user Cloud driven
  • 8.
    Administering Windows Autopilot Microsoft Storefor Business Microsoft Intune Partner Center Microsoft 365 Business
  • 9.
  • 11.
    OEMs, distributors, andresellers make the process easy: • Automatically add new devices to Azure tenant at time of shipment • Associate devices to customer’s purchase order for easy device grouping • Tag devices with a customer specified label • Provide an preinstalled image that is ready for configuration* For a list of those supporting Windows Autopilot supply chain integration please visit: https://aka.ms/WindowsAutopilot Registering new devices Supply chain integration
  • 12.
    If you haveexisting Windows 10 devices: • Enable new Autopilot profile setting for all targeted devices • Ensure the Autopilot profile is assigned to a group containing the existing Windows 10 devices If your existing Windows 10 devices are not yet Intune- managed: • Enable co-management with ConfigMgr via the “Automatic enrollment into Intune” setting. (See https://docs.microsoft.com/en- us/sccm/core/clients/manage/co-management-overview#enable-co-management) • Ensure all new Intune-enrolled Windows 10 devices are part of a group with an assigned Autopilot profile Registering existing devices Automatically for all Intune-managed Windows 10 devices
  • 13.
    To register existingdevices: • Use the PowerShell script available at https://www.powershellgallery.com/packages/Get- WindowsAutoPilotInfo • Run for each device (requires Windows 10 1703 or higher) • Upload resulting CSV file via Intune portal • See https://docs.microsoft.com/en- us/windows/deployment/windows-autopilot/add- devices#collecting-the-hardware-id-from-existing-devices- using-powershell for more information Great for testing and validation with existing devices and virtual machines Registering existing devices Manually for existing devices
  • 14.
  • 15.
    Configure important details: •Deployment mode • Specific settings required for the deployment mode • New! BitLocker encryption even for non-admin users (requires Windows 10 1809) • Out-of-box experience (OOBE) settings • New! Hide change account options (requires Windows 10 1809) • New! Device naming pattern, supporting variable substitution (requires Windows 10 1809): • %SERIAL% • %RAND:x% (where X is the number of digits) Creating an Autopilot profile
  • 16.
    If you haveexisting Windows 10 devices: • An Azure AD device object is automatically created for each imported Autopilot device • Create one or more Azure AD groups • Assign an Autopilot profile to the Azure AD group • Intune will automatically assign the profile to all members of the assigned group Options for grouping: • Dynamic group with all Autopilot devices • Dynamic group based on purchase order ID • Dynamic group based on device tag (orderID) • Manual Assigning an Autopilot profile Automated using groups
  • 20.
  • 21.
    Windows Autopilot overview Configure Windows Autopilotprofile Self-service deploy DeviceIDs Hardware Vendor IT Admin Ship Deliver direct to Employee Employee unboxes device, self-deploys Intune Windows Autopilot Device sync Autopilot profile sync
  • 22.
    Windows 10 version1703 or higher One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot- requirements-licensing
  • 23.
  • 24.
    Ensure policies, appsand settings are complete prior to the end user gaining access to the desktop Confirm minimum baseline requirements Protect data during device set up Deliver a compliant secure device Personalize the out of box experience New! Unlock Windows 10 in S mode (requires Windows 10 1809) Requirements Windows 10, version 1803 (with May cumulative update or later) Azure Active Directory Premium Microsoft Intune Windows Autopilot Enrollmentstatuspage
  • 27.
  • 28.
    AVAILABLE in 1809 AVAILABLEin 1809 AVAILABLE in 1809 AVAILABLE in 1809 AVAILABLE AVAILABLE Windows Autopilot Scenarios User-driven mode Windows 10 1703 and above Join device to Azure AD, enroll in Intune/MDM Windows Autopilot for existing devices Windows 10 1809 and above Windows 7 to Windows 10 ConfigMgr task sequence, followed by Windows Autopilot user-driven mode Self-deploying mode Windows 10 1809 and above No need to provide credentials, automatically joins Azure AD Hybrid Azure AD join Windows 10 1809 and above Join device to AD, enroll in Intune/MDM Windows Autopilot reset - local Windows 10 1709 and above Execute a device reset via a local keystroke, maintaining Azure AD join and MDM enrollment Windows Autopilot reset - remote Windows 10 1809 and above Execute a device reset via Intune and maintain Azure AD join and MDM enrollment
  • 29.
  • 30.
    Windows Autopilot User-DrivenMode Pre-requisites Windows 10 version 1703 or higher For the maximum functionality, use the latest Windows 10 release One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: Microsoft 365 Business subscriptions Microsoft 365 F1 subscriptions Microsoft 365 Enterprise E3 or E5 subscriptions, which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune) Enterprise Mobility + Security E3 or E5 subscriptions, which include all needed Azure AD and Intune features Azure Active Directory Premium P1 or P2 and Intune subscriptions (or an alternative MDM service) See https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows- autopilot-requirements-licensing for more information
  • 31.
    Design notes Should bedone by the end user User authenticates with Azure AD from the start Choose between admin and non-admin Typically for single-user (not shared) devices
  • 32.
    It should beas easy as Registering your device with Autopilot Assigning a User-Driven Autopilot Profile using Intune Connecting to a network and booting your device Authenticating with user credentials
  • 34.
    Simple process toprepare a device for a different purpose: Remove all apps, settings, and personal files Preserve Azure Active Directory join and MDM enrollment so the device is still managed Preserves provisioning packages Keeps keyboard, language, wi-fi settings* Takes 20-30 minutes to complete on typical hardware Windows Autopilot Reset (previously Windows Automatic Redeployment) Local • Windows 10 1709 and above • Initiated by an admin via Windows-Control-R keystroke from lock screen Remote • Windows 10 1809 and above • Initiated remotely via Intune
  • 36.
  • 37.
    VDI clients Digital signage Singleapp kiosk Multi app kiosk Shared PC How would you use Autopilot to deploy…
  • 38.
    Design notes Technicians usuallyset up these types of devices No defined user to auth or set up the device May not have peripherals (keyboards, mice, etc.) Typically involve “walk up and use” scenarios
  • 39.
    It should beas easy as Registering your device with Autopilot Assigning a Self-Deploying Autopilot Profile using Intune Connecting to a network and booting your device
  • 42.
    Windows Autopilot overview Configure Windows Autopilotprofile Self-service deploy DeviceIDs Hardware Vendor IT Admin Ship Deliver direct to Employee Employee unboxes device, self-deploys Intune Windows Autopilot Device sync Autopilot profile sync
  • 43.
    Windows Autopilot Self-DeployingMode Pre-requisites Windows 10 version 1809 or higher running on a device with TPM 2.0 One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: Microsoft 365 Business subscriptions Microsoft 365 F1 subscriptions Microsoft 365 Enterprise E3 or E5 subscriptions, which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune) Enterprise Mobility + Security E3 or E5 subscriptions, which include all needed Azure AD and Intune features Azure Active Directory Premium P1 or P2 and Intune subscriptions (or an alternative MDM service) See https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows- autopilot-requirements-licensing for more information
  • 44.
  • 45.
  • 46.
  • 47.
    Design notes Upgrading theOS is just part of the problem Need to migrate user data from Win7 to Win10 Unable to harvest hardware hashes in Win7
  • 48.
    Here’s how itworks Deploy group policy to redirect Known Folders to OneDrive Generate Autopilot Reuse configuration file Deploy Task Sequence to upgrade to Windows 10 Windows 10 machine goes through Autopilot on first boot
  • 50.
    Windows Autopilot forexisting devices Prerequisites: Windows 10 1809 and above Azure Active Directory Premium Microsoft Intune System Center Configuration Manager current branch (TBD) Steps: 1. Create task sequence to deploy generic Windows 10 image with needed drivers (wipe-and-load) 2. Migrate data to OneDrive for Business (in advance) 3. Deploy task sequence to existing Windows 7 devices, installing Windows 10 and proceeding through Windows Autopilot user- driven process to join device to Azure AD