Kamal Goyal
Kamal Goyal

Modern Workplace Consultant

Azure Virtual Desktop

Modern Endpoint Management

Microsoft Azure

Endpoint Security

Kamal Goyal
Kamal Goyal

Modern Workplace Consultant

Azure Virtual Desktop

Modern Endpoint Management

Microsoft Azure

Endpoint Security

Download CV Contact Me
Blog Post

Windows Autopilot: A Comprehensive Guide to Streamlined Device Deployment

May 19, 2023 Modern Endpoint Management by Kamal Goyal

Windows Autopilot is a suite of technologies designed to simplify and automate the process of deploying Windows 10 and 11 devices. With Autopilot, IT administrators can seamlessly provision new devices, enroll them into management services like Intune, and apply company configurations, all without the need for traditional imaging techniques. This comprehensive guide covers the essentials of Windows Autopilot, providing step-by-step instructions to help you get started with this powerful technology.

Introduction to Windows Autopilot

As organizations increasingly adopt cloud-based infrastructure and services, the need for efficient and automated device deployment has become more crucial than ever. Windows Autopilot aims to address this need by streamlining the provisioning and management of Windows 10 and 11 devices. With Autopilot, IT admins can:

  • Pre-configure new devices
  • Reset, repurpose, and recover existing devices
  • Apply company settings and policies
  • Install company applications
  • Change Windows 10 and 11 editions for advanced features support

By leveraging Autopilot, IT departments can save time, reduce complexity, and minimize the need for physical intervention during the device deployment process.

Windows Autopilot Requirements and Prerequisites

Before diving into the setup process, it’s essential to ensure that your organization meets the necessary requirements for Windows Autopilot. These requirements include:

  • Supported Windows 10 or 11 editions such as Pro, Enterprise, and Education
  • An Azure Active Directory (Azure AD) Premium subscription or an alternative license that includes Azure AD and Intune features
  • Access to Microsoft Intune or another Mobile Device Management (MDM) service
  • Internet access for devices during the deployment process

Additionally, ensure that your network configuration allows access to the various internet-based services required by Autopilot. Consult the official Microsoft documentation for more information on the necessary network configurations.

Setting up Windows Autopilot: A Step-by-Step Guide

This section provides a detailed, step-by-step guide to setting up Windows Autopilot in your organization. We’ll cover the entire process, from capturing hardware IDs and registering devices to creating deployment profiles and configuring the out-of-box experience (OOBE).

1. Capture the Hardware ID

The first step in setting up Windows Autopilot is to capture the hardware ID of the devices you intend to deploy. This information will later be uploaded to the Intune portal to register your devices for Autopilot. To obtain the hardware ID, run the following commands on a new Windows 10 or 11 device:

md c:\HWID
Set-Location c:\HWID

Set-ExecutionPolicy -Scope Process -ExecutionPolicy Unrestricted -Force

Install-Script -Name Get-WindowsAutopilotInfo -Force

$env:Path += “;C:\Program Files\WindowsPowerShell\Scripts”

Get-WindowsAutopilotInfo.ps1 -OutputFile AutopilotHWID.csv

This will generate a CSV file containing the device’s hardware ID, which includes its serial number, Windows product ID, and hardware hash.

2. Register the Device in Intune

Once you have the hardware ID captured in a CSV file, you can register your devices in Intune for Autopilot deployment. To do this, follow these steps:

  • Log in to the Microsoft Endpoint Manager admin center.
  • Navigate to Devices > Device enrollment > Enroll devices.
  • Select Windows enrollment > Windows Autopilot Deployment Program > Devices.
  • Click Import and select the CSV file containing the hardware ID.

The import process may take up to 15 minutes. You can refresh the page to verify that your device has been added.

3. Configure Company Branding

Next, configure your company’s branding in the Azure portal. This will ensure that your organization’s logo and colors are displayed during the OOBE. To set up company branding, sign in to the Azure portal with a Global Administrator account and navigate to Azure Active Directory > Company Branding. Configure your desired branding settings and click Save.

4. Configure Microsoft Intune Auto-Enrollment

If you haven’t already configured MDM auto-enrollment in Azure Active Directory, do so now. Open Azure Active Directory > Mobility (MDM and MAM) > Microsoft Intune. If you do not see Microsoft Intune, click Add application and choose Intune. For this demo, select All under the MDM user scope and click Save.

5. Create a Device Group for Windows Autopilot

A device group is required when creating an Autopilot deployment profile. To create a new device group, follow these steps:

  • In the Microsoft Endpoint Manager admin center, navigate to Groups > New group.
  • For Group type, choose Security.
  • Enter a Group name and Group description.
  • For Membership type, choose Assigned.

Add the Autopilot device to the group and save your settings.

6. Create a Windows Autopilot Deployment Profile

Now it’s time to create a Windows Autopilot deployment profile. Follow these steps:

  • In the Microsoft Endpoint Manager admin center, click Devices.
  • Under Enroll devices > Windows enrollment, select Deployment Profiles.
  • Click Create profile and select Windows PC.

Configure the various options for your deployment profile, such as the deployment mode, Azure AD join settings, and out-of-box experience (OOBE) options. Once you’ve configured your desired settings, click Next and assign the profile to the device group created earlier.

7. Monitor the Windows Autopilot Deployment Process

With the deployment profile created and assigned, your devices are now ready for Autopilot deployment. As your devices go through the deployment process, you can monitor their status in the Intune portal or the Microsoft Endpoint Manager admin center. Look for devices with the status “Assigned” and a Windows Autopilot device icon.

End-User Experience with Windows Autopilot

Once the deployment process is complete, end-users can enjoy a seamless onboarding experience with Windows Autopilot. Upon powering on their devices, users will be guided through the OOBE, which includes company branding, region and keyboard selection, and account setup. After entering their Azure Active Directory credentials and setting up Windows Hello, users will have access to a fully configured, business-ready Windows 10 or 11 device.

Additional Tips and Resources for Windows Autopilot

This guide provides a solid foundation for getting started with Windows Autopilot. However, there’s always more to learn, and the following resources can help you dive deeper into this powerful technology:

By leveraging Windows Autopilot and the information provided in this guide, you can streamline your device deployment process and ensure a smooth, efficient onboarding experience for your end-users.

Write a comment