SlideShare a Scribd company logo

Windows Autopilot (1).pdf

A
abhipotdar

windows autopilot

Education
1 of 53
Download to read offline
Windows Autopilot
Traditional Windows deployment // The old way Build a custom image, gathering everything else that’s necessary to deploy Time means money, making this an expensive proposition Deploy image to a new computer, overwriting what was originally on it DRIVERS POLICIES OFFICE & APPS SETTINGS
Modern Windows deployment // The new way Un-box and turn on off-the-shelf Windows PC Device is ready for productive use Transform with minimal user interaction
Key Benefits: No more maintenance of images and drivers No need for IT to touch the devices Simple process for users and IT Integration in the device supply chain Reset device back to a business ready state Device lifecycle management with Windows Autopilot and Intune Business ready Break fix Retirement Management Procurement Deployment
OEM-optimized Windows 10 + Software + Settings + Updates + Features + User data Ready for productive use The transformation
Windows Autopilot deployment Three simple steps Register devices Assign an Autopilot profile to the devices Ship the device to the user Cloud driven
Administering Windows Autopilot Microsoft Store for Business Microsoft Intune Partner Center Microsoft 365 Business
Step 1. Registering devices
OEMs, distributors, and resellers make the process easy: • Automatically add new devices to Azure tenant at time of shipment • Associate devices to customer’s purchase order for easy device grouping • Tag devices with a customer specified label • Provide an preinstalled image that is ready for configuration* For a list of those supporting Windows Autopilot supply chain integration please visit: https://aka.ms/WindowsAutopilot Registering new devices Supply chain integration
If you have existing Windows 10 devices: • Enable new Autopilot profile setting for all targeted devices • Ensure the Autopilot profile is assigned to a group containing the existing Windows 10 devices If your existing Windows 10 devices are not yet Intune- managed: • Enable co-management with ConfigMgr via the “Automatic enrollment into Intune” setting. (See https://docs.microsoft.com/en- us/sccm/core/clients/manage/co-management-overview#enable-co-management) • Ensure all new Intune-enrolled Windows 10 devices are part of a group with an assigned Autopilot profile Registering existing devices Automatically for all Intune-managed Windows 10 devices
To register existing devices: • Use the PowerShell script available at https://www.powershellgallery.com/packages/Get- WindowsAutoPilotInfo • Run for each device (requires Windows 10 1703 or higher) • Upload resulting CSV file via Intune portal • See https://docs.microsoft.com/en- us/windows/deployment/windows-autopilot/add- devices#collecting-the-hardware-id-from-existing-devices- using-powershell for more information Great for testing and validation with existing devices and virtual machines Registering existing devices Manually for existing devices
Step 2. Assign profile
Configure important details: • Deployment mode • Specific settings required for the deployment mode • New! BitLocker encryption even for non-admin users (requires Windows 10 1809) • Out-of-box experience (OOBE) settings • New! Hide change account options (requires Windows 10 1809) • New! Device naming pattern, supporting variable substitution (requires Windows 10 1809): • %SERIAL% • %RAND:x% (where X is the number of digits) Creating an Autopilot profile
If you have existing Windows 10 devices: • An Azure AD device object is automatically created for each imported Autopilot device • Create one or more Azure AD groups • Assign an Autopilot profile to the Azure AD group • Intune will automatically assign the profile to all members of the assigned group Options for grouping: • Dynamic group with all Autopilot devices • Dynamic group based on purchase order ID • Dynamic group based on device tag (orderID) • Manual Assigning an Autopilot profile Automated using groups
Step 3. Deploy!
Windows Autopilot overview Configure Windows Autopilot profile Self-service deploy DeviceIDs Hardware Vendor IT Admin Ship Deliver direct to Employee Employee unboxes device, self-deploys Intune Windows Autopilot Device sync Autopilot profile sync
Windows 10 version 1703 or higher One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot- requirements-licensing
Azure Active Directory https://docs.microsoft.com/en-us/intune/windows- enroll#enable-windows-10-automatic-enrollment https://docs.microsoft.com/en-us/azure/active- directory/fundamentals/customize-branding Intune: https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot- requirements-configuration
Ensure policies, apps and settings are complete prior to the end user gaining access to the desktop Confirm minimum baseline requirements Protect data during device set up Deliver a compliant secure device Personalize the out of box experience New! Unlock Windows 10 in S mode (requires Windows 10 1809) Requirements Windows 10, version 1803 (with May cumulative update or later) Azure Active Directory Premium Microsoft Intune Windows Autopilot Enrollmentstatuspage
Scenarios
AVAILABLE in 1809 AVAILABLE in 1809 AVAILABLE in 1809 AVAILABLE in 1809 AVAILABLE AVAILABLE Windows Autopilot Scenarios User-driven mode Windows 10 1703 and above Join device to Azure AD, enroll in Intune/MDM Windows Autopilot for existing devices Windows 10 1809 and above Windows 7 to Windows 10 ConfigMgr task sequence, followed by Windows Autopilot user-driven mode Self-deploying mode Windows 10 1809 and above No need to provide credentials, automatically joins Azure AD Hybrid Azure AD join Windows 10 1809 and above Join device to AD, enroll in Intune/MDM Windows Autopilot reset - local Windows 10 1709 and above Execute a device reset via a local keystroke, maintaining Azure AD join and MDM enrollment Windows Autopilot reset - remote Windows 10 1809 and above Execute a device reset via Intune and maintain Azure AD join and MDM enrollment
User-driven deployment with Azure AD
Windows Autopilot User-Driven Mode Pre-requisites Windows 10 version 1703 or higher For the maximum functionality, use the latest Windows 10 release One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: Microsoft 365 Business subscriptions Microsoft 365 F1 subscriptions Microsoft 365 Enterprise E3 or E5 subscriptions, which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune) Enterprise Mobility + Security E3 or E5 subscriptions, which include all needed Azure AD and Intune features Azure Active Directory Premium P1 or P2 and Intune subscriptions (or an alternative MDM service) See https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows- autopilot-requirements-licensing for more information
Design notes Should be done by the end user User authenticates with Azure AD from the start Choose between admin and non-admin Typically for single-user (not shared) devices
It should be as easy as Registering your device with Autopilot Assigning a User-Driven Autopilot Profile using Intune Connecting to a network and booting your device Authenticating with user credentials
Simple process to prepare a device for a different purpose: Remove all apps, settings, and personal files Preserve Azure Active Directory join and MDM enrollment so the device is still managed Preserves provisioning packages Keeps keyboard, language, wi-fi settings* Takes 20-30 minutes to complete on typical hardware Windows Autopilot Reset (previously Windows Automatic Redeployment) Local • Windows 10 1709 and above • Initiated by an admin via Windows-Control-R keystroke from lock screen Remote • Windows 10 1809 and above • Initiated remotely via Intune
Self-deploying mode
VDI clients Digital signage Single app kiosk Multi app kiosk Shared PC How would you use Autopilot to deploy…
Design notes Technicians usually set up these types of devices No defined user to auth or set up the device May not have peripherals (keyboards, mice, etc.) Typically involve “walk up and use” scenarios
It should be as easy as Registering your device with Autopilot Assigning a Self-Deploying Autopilot Profile using Intune Connecting to a network and booting your device
Windows Autopilot overview Configure Windows Autopilot profile Self-service deploy DeviceIDs Hardware Vendor IT Admin Ship Deliver direct to Employee Employee unboxes device, self-deploys Intune Windows Autopilot Device sync Autopilot profile sync
Windows Autopilot Self-Deploying Mode Pre-requisites Windows 10 version 1809 or higher running on a device with TPM 2.0 One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: Microsoft 365 Business subscriptions Microsoft 365 F1 subscriptions Microsoft 365 Enterprise E3 or E5 subscriptions, which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune) Enterprise Mobility + Security E3 or E5 subscriptions, which include all needed Azure AD and Intune features Azure Active Directory Premium P1 or P2 and Intune subscriptions (or an alternative MDM service) See https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows- autopilot-requirements-licensing for more information
for existing devices
January 14, 2020
Windows Autopilot
Design notes Upgrading the OS is just part of the problem Need to migrate user data from Win7 to Win10 Unable to harvest hardware hashes in Win7
Here’s how it works Deploy group policy to redirect Known Folders to OneDrive Generate Autopilot Reuse configuration file Deploy Task Sequence to upgrade to Windows 10 Windows 10 machine goes through Autopilot on first boot
Windows Autopilot for existing devices Prerequisites: Windows 10 1809 and above Azure Active Directory Premium Microsoft Intune System Center Configuration Manager current branch (TBD) Steps: 1. Create task sequence to deploy generic Windows 10 image with needed drivers (wipe-and-load) 2. Migrate data to OneDrive for Business (in advance) 3. Deploy task sequence to existing Windows 7 devices, installing Windows 10 and proceeding through Windows Autopilot user- driven process to join device to Azure AD
Windows Autopilot (1).pdf
Windows Autopilot (1).pdf
Windows Autopilot (1).pdf

Recommended

5 modern desktop - windows autopilot
5 modern desktop - windows autopilot5 modern desktop - windows autopilot
5 modern desktop - windows autopilotAndrew Bettany
 
Modern deployment with Autopilot and Azure AD
Modern deployment with Autopilot and Azure ADModern deployment with Autopilot and Azure AD
Modern deployment with Autopilot and Azure ADFabian Niesen
 
Windows Autopilot - Workplace Nijna Summmit 2020
Windows Autopilot - Workplace Nijna Summmit 2020Windows Autopilot - Workplace Nijna Summmit 2020
Windows Autopilot - Workplace Nijna Summmit 2020Ronni Pedersen
 
Modern Devices Management
Modern Devices ManagementModern Devices Management
Modern Devices ManagementAtanas Gergiminov
 
Preparing your enteprise for Hybrid AD Join and Conditional Access
Preparing your enteprise for Hybrid AD Join and Conditional AccessPreparing your enteprise for Hybrid AD Join and Conditional Access
Preparing your enteprise for Hybrid AD Join and Conditional AccessJason Condo
 
Get started with Windows AutoPilot Deployment
Get started with Windows AutoPilot DeploymentGet started with Windows AutoPilot Deployment
Get started with Windows AutoPilot DeploymentMicrosoft
 
EPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities OverviewEPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities OverviewEPC Group
 
Microsoft 365 UG Windows Autopilot 1st May 2019
Microsoft 365 UG Windows Autopilot 1st May 2019Microsoft 365 UG Windows Autopilot 1st May 2019
Microsoft 365 UG Windows Autopilot 1st May 2019Andrew Bettany
 

Recommended

5 modern desktop - windows autopilot
5 modern desktop - windows autopilot5 modern desktop - windows autopilot
5 modern desktop - windows autopilotAndrew Bettany
 
Modern deployment with Autopilot and Azure AD
Modern deployment with Autopilot and Azure ADModern deployment with Autopilot and Azure AD
Modern deployment with Autopilot and Azure ADFabian Niesen
 
Windows Autopilot - Workplace Nijna Summmit 2020
Windows Autopilot - Workplace Nijna Summmit 2020Windows Autopilot - Workplace Nijna Summmit 2020
Windows Autopilot - Workplace Nijna Summmit 2020Ronni Pedersen
 
Modern Devices Management
Modern Devices ManagementModern Devices Management
Modern Devices ManagementAtanas Gergiminov
 
Preparing your enteprise for Hybrid AD Join and Conditional Access
Preparing your enteprise for Hybrid AD Join and Conditional AccessPreparing your enteprise for Hybrid AD Join and Conditional Access
Preparing your enteprise for Hybrid AD Join and Conditional AccessJason Condo
 
Get started with Windows AutoPilot Deployment
Get started with Windows AutoPilot DeploymentGet started with Windows AutoPilot Deployment
Get started with Windows AutoPilot DeploymentMicrosoft
 
EPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities OverviewEPC Group Intune Practice and Capabilities Overview
EPC Group Intune Practice and Capabilities OverviewEPC Group
 
Microsoft 365 UG Windows Autopilot 1st May 2019
Microsoft 365 UG Windows Autopilot 1st May 2019Microsoft 365 UG Windows Autopilot 1st May 2019
Microsoft 365 UG Windows Autopilot 1st May 2019Andrew Bettany
 
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsSecure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsVignesh Ganesan I Microsoft MVP
 
Modernise your Windows 10 deployment with Windows Autopilot
Modernise your Windows 10 deployment with Windows AutopilotModernise your Windows 10 deployment with Windows Autopilot
Modernise your Windows 10 deployment with Windows AutopilotAndrew Bettany
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAnoop Nair
 
00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptx
00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptx00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptx
00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptxDuyVo750289
 
Introduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityIntroduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityAntonioMaio2
 
Windows intune
Windows intuneWindows intune
Windows intuneIron Cove Solutions
 
Managing iOS with Microsoft Intune
Managing iOS with Microsoft IntuneManaging iOS with Microsoft Intune
Managing iOS with Microsoft IntuneSimon May
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An IntroductionVenkatesh Narayanan
 
An introduction to Defender for Business
An introduction to Defender for BusinessAn introduction to Defender for Business
An introduction to Defender for BusinessRobert Crane
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan David J Rosenthal
 
End to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneEnd to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneAnoop Nair
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Pitching Microsoft 365
Pitching Microsoft 365Pitching Microsoft 365
Pitching Microsoft 365Robert Crane
 
Microsoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanMicrosoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanDavid J Rosenthal
 
Working with MS Endpoint Manager
Working with MS Endpoint ManagerWorking with MS Endpoint Manager
Working with MS Endpoint ManagerGeorge Grammatikos
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity ManagementEng Teong Cheah
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Chris Genazzio
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionDavid J Rosenthal
 
SpiceWorks All Access IT 2019 Windows Autopilot
SpiceWorks All Access IT 2019 Windows AutopilotSpiceWorks All Access IT 2019 Windows Autopilot
SpiceWorks All Access IT 2019 Windows AutopilotAndrew Bettany
 
Llunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beerLlunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beerKenny Buntinx
 

More Related Content

What's hot

Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsSecure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsVignesh Ganesan I Microsoft MVP
 
Modernise your Windows 10 deployment with Windows Autopilot
Modernise your Windows 10 deployment with Windows AutopilotModernise your Windows 10 deployment with Windows Autopilot
Modernise your Windows 10 deployment with Windows AutopilotAndrew Bettany
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAnoop Nair
 
00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptx
00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptx00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptx
00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptxDuyVo750289
 
Introduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityIntroduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityAntonioMaio2
 
Managing iOS with Microsoft Intune
Managing iOS with Microsoft IntuneManaging iOS with Microsoft Intune
Managing iOS with Microsoft IntuneSimon May
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An IntroductionVenkatesh Narayanan
 
An introduction to Defender for Business
An introduction to Defender for BusinessAn introduction to Defender for Business
An introduction to Defender for BusinessRobert Crane
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan David J Rosenthal
 
End to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneEnd to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneAnoop Nair
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceDavid J Rosenthal
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewDavid J Rosenthal
 
Pitching Microsoft 365
Pitching Microsoft 365Pitching Microsoft 365
Pitching Microsoft 365Robert Crane
 
Microsoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanMicrosoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanDavid J Rosenthal
 
Working with MS Endpoint Manager
Working with MS Endpoint ManagerWorking with MS Endpoint Manager
Working with MS Endpoint ManagerGeorge Grammatikos
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity ManagementEng Teong Cheah
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Chris Genazzio
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionDavid J Rosenthal
 

What's hot (20)

Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud AppsSecure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
Secure your Access to Cloud Apps using Microsoft Defender for Cloud Apps
 
Modernise your Windows 10 deployment with Windows Autopilot
Modernise your Windows 10 deployment with Windows AutopilotModernise your Windows 10 deployment with Windows Autopilot
Modernise your Windows 10 deployment with Windows Autopilot
 
Azure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - AjayAzure AD Presentation - @ BITPro - Ajay
Azure AD Presentation - @ BITPro - Ajay
 
00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptx
00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptx00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptx
00 - Microsoft 365 Digital Workforce Workshop - Delivery Guide.pptx
 
Introduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + SecurityIntroduction to Microsoft Enterprise Mobility + Security
Introduction to Microsoft Enterprise Mobility + Security
 
Windows intune
Windows intuneWindows intune
Windows intune
 
Managing iOS with Microsoft Intune
Managing iOS with Microsoft IntuneManaging iOS with Microsoft Intune
Managing iOS with Microsoft Intune
 
Azure Active Directory - An Introduction
Azure Active Directory - An IntroductionAzure Active Directory - An Introduction
Azure Active Directory - An Introduction
 
An introduction to Defender for Business
An introduction to Defender for BusinessAn introduction to Defender for Business
An introduction to Defender for Business
 
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
Microsoft Intune - Empowering Enterprise Mobility - Presented by Atidan
 
End to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via IntuneEnd to End Guide Windows AutoPilot Process via Intune
End to End Guide Windows AutoPilot Process via Intune
 
Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for Endpoint
 
Microsoft Office 365 Security and Compliance
Microsoft Office 365 Security and ComplianceMicrosoft Office 365 Security and Compliance
Microsoft Office 365 Security and Compliance
 
Microsoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 OverviewMicrosoft 365 Enterprise Security with E5 Overview
Microsoft 365 Enterprise Security with E5 Overview
 
Pitching Microsoft 365
Pitching Microsoft 365Pitching Microsoft 365
Pitching Microsoft 365
 
Microsoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by AtidanMicrosoft Enterprise Mobility Suite Presented by Atidan
Microsoft Enterprise Mobility Suite Presented by Atidan
 
Working with MS Endpoint Manager
Working with MS Endpoint ManagerWorking with MS Endpoint Manager
Working with MS Endpoint Manager
 
Access Security - Privileged Identity Management
Access Security - Privileged Identity ManagementAccess Security - Privileged Identity Management
Access Security - Privileged Identity Management
 
Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview Enterprise Mobility+Security Overview
Enterprise Mobility+Security Overview
 
Microsoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat ProtectionMicrosoft Office 365 Advanced Threat Protection
Microsoft Office 365 Advanced Threat Protection
 

Similar to Windows Autopilot (1).pdf

SpiceWorks All Access IT 2019 Windows Autopilot
SpiceWorks All Access IT 2019 Windows AutopilotSpiceWorks All Access IT 2019 Windows Autopilot
SpiceWorks All Access IT 2019 Windows AutopilotAndrew Bettany
 
Llunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beerLlunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beerKenny Buntinx
 
Hied device Autopilot in Microsoft inTune
Hied device Autopilot in Microsoft inTuneHied device Autopilot in Microsoft inTune
Hied device Autopilot in Microsoft inTuneRafaelw23
 
Atea ems the next level
Atea ems the next levelAtea ems the next level
Atea ems the next levelPer Larsen
 
Ewug.dk ems the next level
Ewug.dk ems the next levelEwug.dk ems the next level
Ewug.dk ems the next levelPer Larsen
 
Windows 10 Autopilot #BITPro User Group Event
Windows 10 Autopilot #BITPro User Group EventWindows 10 Autopilot #BITPro User Group Event
Windows 10 Autopilot #BITPro User Group EventAnoop Nair
 
System Center 2012 R2 Configuration Manager (SCCM) with Windows Intune
System Center 2012 R2 Configuration Manager (SCCM) with Windows IntuneSystem Center 2012 R2 Configuration Manager (SCCM) with Windows Intune
System Center 2012 R2 Configuration Manager (SCCM) with Windows IntuneAmit Gatenyo
 
Mdm with config mgr nico
Mdm with config mgr nicoMdm with config mgr nico
Mdm with config mgr nicoKenny Buntinx
 
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...Alexander Benoit
 
Getting started with the Enterprise Mobility Suite (EMS)
Getting started with the Enterprise Mobility Suite (EMS)Getting started with the Enterprise Mobility Suite (EMS)
Getting started with the Enterprise Mobility Suite (EMS)Ronni Pedersen
 
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Nordic Infrastructure Conference
 
Microsoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - AtidanMicrosoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - AtidanDavid J Rosenthal
 
Unified client management session from Microsoft partner boot camp
Unified client management session from Microsoft partner boot campUnified client management session from Microsoft partner boot camp
Unified client management session from Microsoft partner boot campOlav Tvedt
 
Sysctr Track: Managing your hybrid Mobile cloud Workforce Demystified with Sy...
Sysctr Track: Managing your hybrid Mobile cloud Workforce Demystified with Sy...Sysctr Track: Managing your hybrid Mobile cloud Workforce Demystified with Sy...
Sysctr Track: Managing your hybrid Mobile cloud Workforce Demystified with Sy...ITProceed
 
WMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
WMUG NL Tuesday - Latest and greatest in the world of Configuration ManagerWMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
WMUG NL Tuesday - Latest and greatest in the world of Configuration ManagerTim De Keukelaere
 
Mobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - AtidanMobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - AtidanDavid J Rosenthal
 
Enterprise Mobility (Admin)
Enterprise Mobility (Admin)Enterprise Mobility (Admin)
Enterprise Mobility (Admin)Microsoft
 

Similar to Windows Autopilot (1).pdf (20)

SpiceWorks All Access IT 2019 Windows Autopilot
SpiceWorks All Access IT 2019 Windows AutopilotSpiceWorks All Access IT 2019 Windows Autopilot
SpiceWorks All Access IT 2019 Windows Autopilot
 
Llunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beerLlunitebe2018 implement modern management as like brewing a beer
Llunitebe2018 implement modern management as like brewing a beer
 
Hied device Autopilot in Microsoft inTune
Hied device Autopilot in Microsoft inTuneHied device Autopilot in Microsoft inTune
Hied device Autopilot in Microsoft inTune
 
Windows 8.1 a closer look
Windows 8.1 a closer lookWindows 8.1 a closer look
Windows 8.1 a closer look
 
Atea ems the next level
Atea ems the next levelAtea ems the next level
Atea ems the next level
 
Ewug.dk ems the next level
Ewug.dk ems the next levelEwug.dk ems the next level
Ewug.dk ems the next level
 
Windows 10 Autopilot #BITPro User Group Event
Windows 10 Autopilot #BITPro User Group EventWindows 10 Autopilot #BITPro User Group Event
Windows 10 Autopilot #BITPro User Group Event
 
System Center 2012 R2 Configuration Manager (SCCM) with Windows Intune
System Center 2012 R2 Configuration Manager (SCCM) with Windows IntuneSystem Center 2012 R2 Configuration Manager (SCCM) with Windows Intune
System Center 2012 R2 Configuration Manager (SCCM) with Windows Intune
 
Mdm with config mgr nico
Mdm with config mgr nicoMdm with config mgr nico
Mdm with config mgr nico
 
Mdm with config mgr nico
Mdm with config mgr nicoMdm with config mgr nico
Mdm with config mgr nico
 
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
Experts Live Europe 2017 - Windows 10 and the cloud - why the future needs hy...
 
Getting started with the Enterprise Mobility Suite (EMS)
Getting started with the Enterprise Mobility Suite (EMS)Getting started with the Enterprise Mobility Suite (EMS)
Getting started with the Enterprise Mobility Suite (EMS)
 
Bsm mw10
Bsm mw10Bsm mw10
Bsm mw10
 
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
Wally Mead - Deploying a system center 2012 r2 configuration manager environm...
 
Microsoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - AtidanMicrosoft Enterprise Mobility Suite Launch Presentation - Atidan
Microsoft Enterprise Mobility Suite Launch Presentation - Atidan
 
Unified client management session from Microsoft partner boot camp
Unified client management session from Microsoft partner boot campUnified client management session from Microsoft partner boot camp
Unified client management session from Microsoft partner boot camp
 
Sysctr Track: Managing your hybrid Mobile cloud Workforce Demystified with Sy...
Sysctr Track: Managing your hybrid Mobile cloud Workforce Demystified with Sy...Sysctr Track: Managing your hybrid Mobile cloud Workforce Demystified with Sy...
Sysctr Track: Managing your hybrid Mobile cloud Workforce Demystified with Sy...
 
WMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
WMUG NL Tuesday - Latest and greatest in the world of Configuration ManagerWMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
WMUG NL Tuesday - Latest and greatest in the world of Configuration Manager
 
Mobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - AtidanMobile Device Management for Office 365 - Atidan
Mobile Device Management for Office 365 - Atidan
 
Enterprise Mobility (Admin)
Enterprise Mobility (Admin)Enterprise Mobility (Admin)
Enterprise Mobility (Admin)
 

Recently uploaded

Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfSherif Taha
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17Celine George
 
Tatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf artsTatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf artsNbelano25
 
OSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & SystemsOSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & SystemsSandeep D Chaudhary
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxEsquimalt MFRC
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfDr Vijay Vishwakarma
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...Nguyen Thanh Tu Collection
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxCeline George
 
dusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningdusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningMarc Dusseiller Dusjagr
 
21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptxJoelynRubio1
 
Simple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfSimple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfstareducators107
 
Basic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationBasic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationNeilDeclaro1
 
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxPooja Bhuva
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxDr. Sarita Anand
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17Celine George
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - Englishneillewis46
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.christianmathematics
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and ModificationsMJDuyan
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxJisc
 

Recently uploaded (20)

Food safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdfFood safety_Challenges food safety laboratories_.pdf
Food safety_Challenges food safety laboratories_.pdf
 
Call Girls in Uttam Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in Uttam Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7Call Girls in Uttam Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
Call Girls in Uttam Nagar (delhi) call me [🔝9953056974🔝] escort service 24X7
 
How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17How to Add New Custom Addons Path in Odoo 17
How to Add New Custom Addons Path in Odoo 17
 
Tatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf artsTatlong Kwento ni Lola basyang-1.pdf arts
Tatlong Kwento ni Lola basyang-1.pdf arts
 
OSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & SystemsOSCM Unit 2_Operations Processes & Systems
OSCM Unit 2_Operations Processes & Systems
 
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptxHMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
HMCS Max Bernays Pre-Deployment Brief (May 2024).pptx
 
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdfUnit 3 Emotional Intelligence and Spiritual Intelligence.pdf
Unit 3 Emotional Intelligence and Spiritual Intelligence.pdf
 
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
80 ĐỀ THI THỬ TUYỂN SINH TIẾNG ANH VÀO 10 SỞ GD – ĐT THÀNH PHỐ HỒ CHÍ MINH NĂ...
 
How to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptxHow to setup Pycharm environment for Odoo 17.pptx
How to setup Pycharm environment for Odoo 17.pptx
 
dusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learningdusjagr & nano talk on open tools for agriculture research and learning
dusjagr & nano talk on open tools for agriculture research and learning
 
21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx21st_Century_Skills_Framework_Final_Presentation_2.pptx
21st_Century_Skills_Framework_Final_Presentation_2.pptx
 
Simple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdfSimple, Complex, and Compound Sentences Exercises.pdf
Simple, Complex, and Compound Sentences Exercises.pdf
 
Basic Intentional Injuries Health Education
Basic Intentional Injuries Health EducationBasic Intentional Injuries Health Education
Basic Intentional Injuries Health Education
 
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptxExploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
Exploring_the_Narrative_Style_of_Amitav_Ghoshs_Gun_Island.pptx
 
Google Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptxGoogle Gemini An AI Revolution in Education.pptx
Google Gemini An AI Revolution in Education.pptx
 
How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17How to Create and Manage Wizard in Odoo 17
How to Create and Manage Wizard in Odoo 17
 
Graduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - EnglishGraduate Outcomes Presentation Slides - English
Graduate Outcomes Presentation Slides - English
 
This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.This PowerPoint helps students to consider the concept of infinity.
This PowerPoint helps students to consider the concept of infinity.
 
Understanding Accommodations and Modifications
Understanding Accommodations and ModificationsUnderstanding Accommodations and Modifications
Understanding Accommodations and Modifications
 
Wellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptxWellbeing inclusion and digital dystopias.pptx
Wellbeing inclusion and digital dystopias.pptx
 

Windows Autopilot (1).pdf

  • 2. Traditional Windows deployment // The old way Build a custom image, gathering everything else that’s necessary to deploy Time means money, making this an expensive proposition Deploy image to a new computer, overwriting what was originally on it DRIVERS POLICIES OFFICE & APPS SETTINGS
  • 3. Modern Windows deployment // The new way Un-box and turn on off-the-shelf Windows PC Device is ready for productive use Transform with minimal user interaction
  • 4. Key Benefits: No more maintenance of images and drivers No need for IT to touch the devices Simple process for users and IT Integration in the device supply chain Reset device back to a business ready state Device lifecycle management with Windows Autopilot and Intune Business ready Break fix Retirement Management Procurement Deployment
  • 5. OEM-optimized Windows 10 + Software + Settings + Updates + Features + User data Ready for productive use The transformation
  • 6.
  • 7. Windows Autopilot deployment Three simple steps Register devices Assign an Autopilot profile to the devices Ship the device to the user Cloud driven
  • 8. Administering Windows Autopilot Microsoft Store for Business Microsoft Intune Partner Center Microsoft 365 Business
  • 10.
  • 11. OEMs, distributors, and resellers make the process easy: • Automatically add new devices to Azure tenant at time of shipment • Associate devices to customer’s purchase order for easy device grouping • Tag devices with a customer specified label • Provide an preinstalled image that is ready for configuration* For a list of those supporting Windows Autopilot supply chain integration please visit: https://aka.ms/WindowsAutopilot Registering new devices Supply chain integration
  • 12. If you have existing Windows 10 devices: • Enable new Autopilot profile setting for all targeted devices • Ensure the Autopilot profile is assigned to a group containing the existing Windows 10 devices If your existing Windows 10 devices are not yet Intune- managed: • Enable co-management with ConfigMgr via the “Automatic enrollment into Intune” setting. (See https://docs.microsoft.com/en- us/sccm/core/clients/manage/co-management-overview#enable-co-management) • Ensure all new Intune-enrolled Windows 10 devices are part of a group with an assigned Autopilot profile Registering existing devices Automatically for all Intune-managed Windows 10 devices
  • 13. To register existing devices: • Use the PowerShell script available at https://www.powershellgallery.com/packages/Get- WindowsAutoPilotInfo • Run for each device (requires Windows 10 1703 or higher) • Upload resulting CSV file via Intune portal • See https://docs.microsoft.com/en- us/windows/deployment/windows-autopilot/add- devices#collecting-the-hardware-id-from-existing-devices- using-powershell for more information Great for testing and validation with existing devices and virtual machines Registering existing devices Manually for existing devices
  • 14. Step 2. Assign profile
  • 15. Configure important details: • Deployment mode • Specific settings required for the deployment mode • New! BitLocker encryption even for non-admin users (requires Windows 10 1809) • Out-of-box experience (OOBE) settings • New! Hide change account options (requires Windows 10 1809) • New! Device naming pattern, supporting variable substitution (requires Windows 10 1809): • %SERIAL% • %RAND:x% (where X is the number of digits) Creating an Autopilot profile
  • 16. If you have existing Windows 10 devices: • An Azure AD device object is automatically created for each imported Autopilot device • Create one or more Azure AD groups • Assign an Autopilot profile to the Azure AD group • Intune will automatically assign the profile to all members of the assigned group Options for grouping: • Dynamic group with all Autopilot devices • Dynamic group based on purchase order ID • Dynamic group based on device tag (orderID) • Manual Assigning an Autopilot profile Automated using groups
  • 17.
  • 18.
  • 19.
  • 21. Windows Autopilot overview Configure Windows Autopilot profile Self-service deploy DeviceIDs Hardware Vendor IT Admin Ship Deliver direct to Employee Employee unboxes device, self-deploys Intune Windows Autopilot Device sync Autopilot profile sync
  • 22. Windows 10 version 1703 or higher One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows-autopilot- requirements-licensing
  • 24. Ensure policies, apps and settings are complete prior to the end user gaining access to the desktop Confirm minimum baseline requirements Protect data during device set up Deliver a compliant secure device Personalize the out of box experience New! Unlock Windows 10 in S mode (requires Windows 10 1809) Requirements Windows 10, version 1803 (with May cumulative update or later) Azure Active Directory Premium Microsoft Intune Windows Autopilot Enrollmentstatuspage
  • 25.
  • 26.
  • 28. AVAILABLE in 1809 AVAILABLE in 1809 AVAILABLE in 1809 AVAILABLE in 1809 AVAILABLE AVAILABLE Windows Autopilot Scenarios User-driven mode Windows 10 1703 and above Join device to Azure AD, enroll in Intune/MDM Windows Autopilot for existing devices Windows 10 1809 and above Windows 7 to Windows 10 ConfigMgr task sequence, followed by Windows Autopilot user-driven mode Self-deploying mode Windows 10 1809 and above No need to provide credentials, automatically joins Azure AD Hybrid Azure AD join Windows 10 1809 and above Join device to AD, enroll in Intune/MDM Windows Autopilot reset - local Windows 10 1709 and above Execute a device reset via a local keystroke, maintaining Azure AD join and MDM enrollment Windows Autopilot reset - remote Windows 10 1809 and above Execute a device reset via Intune and maintain Azure AD join and MDM enrollment
  • 30. Windows Autopilot User-Driven Mode Pre-requisites Windows 10 version 1703 or higher For the maximum functionality, use the latest Windows 10 release One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: Microsoft 365 Business subscriptions Microsoft 365 F1 subscriptions Microsoft 365 Enterprise E3 or E5 subscriptions, which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune) Enterprise Mobility + Security E3 or E5 subscriptions, which include all needed Azure AD and Intune features Azure Active Directory Premium P1 or P2 and Intune subscriptions (or an alternative MDM service) See https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows- autopilot-requirements-licensing for more information
  • 31. Design notes Should be done by the end user User authenticates with Azure AD from the start Choose between admin and non-admin Typically for single-user (not shared) devices
  • 32. It should be as easy as Registering your device with Autopilot Assigning a User-Driven Autopilot Profile using Intune Connecting to a network and booting your device Authenticating with user credentials
  • 33.
  • 34. Simple process to prepare a device for a different purpose: Remove all apps, settings, and personal files Preserve Azure Active Directory join and MDM enrollment so the device is still managed Preserves provisioning packages Keeps keyboard, language, wi-fi settings* Takes 20-30 minutes to complete on typical hardware Windows Autopilot Reset (previously Windows Automatic Redeployment) Local • Windows 10 1709 and above • Initiated by an admin via Windows-Control-R keystroke from lock screen Remote • Windows 10 1809 and above • Initiated remotely via Intune
  • 35.
  • 37. VDI clients Digital signage Single app kiosk Multi app kiosk Shared PC How would you use Autopilot to deploy…
  • 38. Design notes Technicians usually set up these types of devices No defined user to auth or set up the device May not have peripherals (keyboards, mice, etc.) Typically involve “walk up and use” scenarios
  • 39. It should be as easy as Registering your device with Autopilot Assigning a Self-Deploying Autopilot Profile using Intune Connecting to a network and booting your device
  • 40.
  • 41.
  • 42. Windows Autopilot overview Configure Windows Autopilot profile Self-service deploy DeviceIDs Hardware Vendor IT Admin Ship Deliver direct to Employee Employee unboxes device, self-deploys Intune Windows Autopilot Device sync Autopilot profile sync
  • 43. Windows Autopilot Self-Deploying Mode Pre-requisites Windows 10 version 1809 or higher running on a device with TPM 2.0 One of the following, to provide needed Azure Active Directory (automatic MDM enrollment and company branding features) and MDM functionality: Microsoft 365 Business subscriptions Microsoft 365 F1 subscriptions Microsoft 365 Enterprise E3 or E5 subscriptions, which include all Windows 10, Office 365, and EM+S features (Azure AD and Intune) Enterprise Mobility + Security E3 or E5 subscriptions, which include all needed Azure AD and Intune features Azure Active Directory Premium P1 or P2 and Intune subscriptions (or an alternative MDM service) See https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/windows- autopilot-requirements-licensing for more information
  • 47. Design notes Upgrading the OS is just part of the problem Need to migrate user data from Win7 to Win10 Unable to harvest hardware hashes in Win7
  • 48. Here’s how it works Deploy group policy to redirect Known Folders to OneDrive Generate Autopilot Reuse configuration file Deploy Task Sequence to upgrade to Windows 10 Windows 10 machine goes through Autopilot on first boot
  • 49.
  • 50. Windows Autopilot for existing devices Prerequisites: Windows 10 1809 and above Azure Active Directory Premium Microsoft Intune System Center Configuration Manager current branch (TBD) Steps: 1. Create task sequence to deploy generic Windows 10 image with needed drivers (wipe-and-load) 2. Migrate data to OneDrive for Business (in advance) 3. Deploy task sequence to existing Windows 7 devices, installing Windows 10 and proceeding through Windows Autopilot user- driven process to join device to Azure AD