3. Speaker Info
Fabian Niesen
▪ Shoe size: 49 in US: 14 ½
▪ MCT, MCT RL, MCSE, MSCA, NCLA, etc.
▪ Senior Advisor @ Dell EMC
=> Opinions are my own
▪ https://infrastrukturhelden.de
▪ @Fabian_Niesen, LinkedIn, Xing
4. Classical ways of deployment
Device build
Shipping from OEM
IT prepares Device
Shipping from IT
Setup at final location
Boxing deviceUnbox device Install device
Install OS Install software
Additional
configuration
5. What is autopilot – Deployment by user
Part of the OOBE (Out of Box Experience)
▪ 3-4 steps for the User (Regional settings, WiFi)
▪ Needs preparation on the AzureAD site – Cloud based Only!
▪ Customize Windows10
▪ Your Choose if the User should be local admin
▪ Upgrade Windows 10 Pro to Enterprise (License needed)
▪ Install supported MDM client
▪ MDM client installs the applications
7. Requirements
▪ Azure AD P1 or P2 with synchronization
▪ MDM solution supported by Azure AD (e.g. MS Intune or VMware WorkspaceOne / AirWatch)
▪ The device must be pre-installed with Windows 10 Pro 1703 or later
▪ Installed Image must use OOBE
▪ Devices needs to be registered upfront
9. How to Harvest the Hash yourself
Mkdir C:Temp
Set-Location C:Temp
Set-ExecutionPolicy -ExecutionPolicy RemoteSigned
Install-Script -Name Get-WindowsAutoPilotInfo
Get-WindowsAutoPilotInfo.ps1 -OutputFile AutoPilot.csv
Automation of gathering and importing Windows Autopilot information:
https://oliverkieselbach.com/2018/07/17/automation-of-gathering-and-importing-windows-autopilot-information/
10. Features in 1703, 1709 and 1803
1703
▪ First release of AutoPilot
▪ Skip of the following settings possible: kind of usage, Cortana, OneDrive, Privacy settings
▪ Choose if first user on device will be local admin
1709
▪ Skip of the EULA
1803
▪ Lock devices until rollout is complete (With Intune)
▪ Announcement for Surface, Lenovo and Dell “Ready to rollout”
11. New Features in Windows 10 (1809)
▪ Personalised Deployment (Pre-Staged UPN)
▪ Zero-Touch Deployment (After Localisation and Network)
▪ Windows S Mode and Windows S now supported
▪ Assign dynamic device name (With random number or device serial number)
▪ 3 Phases of the deployment
▪ Remote wipe
▪ Hybrit Domain join (Azure AD and On-Premise AD)
12. AutoPilot in the Wild – Use cases
Use cases depending on the customer needs and environment!
▪ User based deployment for remote worker
▪ User based deployment for campus worker
▪ Kiosk systems
▪ Recovery solutions for already deployed devices
13. Limitations… mind the gap
▪ Connectivity and bandwidth during the setup
▪ Customer training / awareness: “O dawn, they forgotten to install my
software. … Hello IT?”
14. Tweaking AutoPilot
▪ Custom Image with pre-installed Software (e.g. MS Office)
▪ High amount of effort to keep image up-to-date
▪ Pre-Installed recovery image might be lost with next feature upgrade
▪ Custom Image with local installation repository (just a bunch of MSI-files)
▪ High amount of effort to keep image up-to-date
▪ More control over the MDM, not al software needs to be installed
▪ Local Installation repository on USB drive
▪ Easier to maintain the data source
▪ Difficult to use with MDM solution
▪ Use App-V for packaging
▪ Consider the use of Remote Desktop Services (On-prem or Cloud)
19. Please evaluate this session
Your feedback is important to us!
Please evaluate this session through
MyEvaluations on the mobile app
or website.
Download the app:
http://l.ead.me/mct-mobileapp
Go to the website:
http://events.crowdcompass.com/mctsummit