Microsoft has released some new features for Autopilot this month. These features are in preview, but they are available if you enable Windows inside Program. They have announced through this blog post: https://www.microsoft.com/en-us/microsoft-365/blog/2018/06/07/simplifying-it-with-the-latest-updates-from-windows-autopilot/
With Autopilot Reset you can reset the device without any touch on that device. The only thing is to initiate the reset from the Intune portal. If a user is logged in, the user gets a notification. If not, the device will reboot and will start to reset. This is great and works, in my opinion, better than to initiate a reset by a user, like Windows Automatic Redeployment. (for more information about that, check this blog post: Part 15 – Configure Microsoft Intune – Windows Automatic Redeployment )
There is another new option which is, assignment to an Autopilot profile. Based on a device group, you can assign devices automatically to an Autopilot profile. This group will be automatically filled in with devices based on an ID. Every device which is imported in Autopilot gets an Autopilot ID.
Then you got another feature which is called Self-deploying. This may come in handy if you want to (re)deploy a kiosk or shared device. Because of this feature, the device is not associate with a user. During setting up the device, Windows 10 will not ask for a login name and password.
Of course, is that the reason to test the new features in Autopilot. This week I had some time to test this. I have used my virtual machine with Windows 10 1803 installed on. I have signed up with my admin tenant account for Insider Preview updates and checked for these updates. After the check Windows 10 was downloading and installing the Insiders Preview update.
The prerequisites for these features are:
- You must sign up for the Insiders Preview Program (your account must be global administrator in your (test) tenant) Link here: https://insider.windows.com/en-us/for-business-getting-started-server
- The latest version of Windows 10 Insiders Preview (download it here: https://www.microsoft.com/en-us/software-download/windowsinsiderpreviewadvanced) and you have to download the update via Windows Updates. This moment we got version 17686.1003 or you can sign in with your standard Windows 10 1803 version for Insiders Preview updates.
Alrighty then, let’s begin
Before we are importing the devices and making an Autopilot profile, we have firsts make a new device group. With this group, we can assign the devices automatically to an Autopilot profile. The device will get an ID after importing into Autopilot. This ID can be used for adding the devices automatically into the group. This is based on a dynamic rule.
Go to Intune Portal -> Groups.
Click on the New group button.
Give the group a name, like All Autopilot Devices, Group type is Security and Membership type is Dynamic Device. Click on Dynamic device members.
Click on Advanced rule and enter this line as an advanced rule: (device.devicePhysicalIds -any _ -contains “[ZTDid]”) Click on the button Add query. Click on the Create button to create the group.
Now it is time to make a new Autopilot profile.
Go to Intune portal -> Device enrollment -> Windows enrollment
Click on Deployment Profiles.
Click on Create Profile.
Give the profile a name and select deployment mode on self-deploying (preview)
Click on the Out-of-box experience (OOBE) for more settings.
I want a zero-touch deployment. So, I have disabled (hide) everything. Click on the Save button.
Click on the create button to create the profile.
The profile is created. Click on the profile and click on Assignments.
Click on the button Select groups.
Search for the device group and click on the select button. After that click on the Save button.
Ok, we got a profile and a group for Autopilot. Now we have to add the devices into Autopilot. To get the correct information, such as Hardware ID, you can use the PowerShell script. How this works is explained here in this blog post: Part 14 – Configure Microsoft Intune – Windows Autopilot Please, read this and import the computer in Autopilot. You do not have to assign the device to a profile. The group will do this for you.
This is what you get in the group if you have imported the devices.
I have imported the devices and they are automatically assigned to the new profile.
It is time to test the new feature. Reset or reinstall your device and…
wait until you see this. Click on the button Next.
Autopilot is doing its work now. The user must wait until this process is done. After this, the user has a device which is in the fully business-ready state.
Click on show details for more information.
Now it’s time to check the new feature Autopilot Reset.
It is in preview, but you can initiate a reset from the Intune console. To reset the device you have to go the device in Intune.
In Overview, you got a menu. Click on more, which is expending the menu.
Click on Autopilot Reset (preview) to initiate the reset.
Click on the Yes button.
The reset is initiated.
If the user is logged in, the user gets this notification. I do not want to wait for 45 minutes so I will reboot the machine manually.
The device is resetting.
The reset is completed.
Log in with another user, not the same user who was using this device before the reset.
You will get this screen again. Autopilot is preparing the device for the (new) user. After that, the user can log in with his or her AD credentials.
That’s it! This is how the new features work. Reminder, this is still in preview. I do not know when these features come in General Available(GA) state. So, be patient…
Thanks to Autopilot Reset, the reset can be initiated through the Intune portal and not by the user. This is great when the user must switch from device to another used device.
Also, the device group is a nice option to assign the Autopilot devices automatically to a profile.
This is it. Thanks for reading my blog post about Windows Autopilot. If you have any questions or comments about Windows Autopilot or maybe Microsoft Intune related, don’t hesitate to contact me by email or by posting a comment here below. I am also active on social media and some community forums, like Technet forum, Yammer, and Techcommunity.
Good luck! Take care now, bye bye then…