Home     Azure       Windows Autopilot: A Device Management Solution 

Windows Autopilot: A Device Management Solution 

Windows Autopilot: A Device Management Solution 

All things are going cloud-based and if you’re not getting in on the action then you are missing out on its obvious benefits. Windows Autopilot presents a way to do managed device deployment, whether it’s a mobile or desktop, one-user or kiosk device, on-site or remote configuration. It offers “low-touch” deployment across a range of scenarios, with the easiest cases being where companies have moved to cloud organisational identity management with Azure AD. 

What does this mean for you and your IT team? Far less time spent on configuring devices for use at work. 

The benefits of using Windows Autopilot 

No need to re-image new devices 

Devices can be ready to go, out of the box (or simply require a user to load the Windows Autopilot profile). 

Users can set up devices themselves 

In what usually would require at least a disk handed to them from IT, users can now instead set up a device simply by switching it on and connecting to a network. 

Devices can be rolled out anywhere 

Devices needn’t be connected to an internal network: regular internet will do to provision the device on start-up. This is great news for the shift towards remote work. 

Have a custom security profile in place across all devices before deployment 

Did you know 69% of SMBs in the US have lost sensitive data from security breaches? By ensuring security even before users can access the desktop, you are helping stay even more protected against security vulnerabilities. 

Customized workplace profiles 

Assign different profiles to different devices before they reach the end-user, such as administrator, human resources team, or software developer, each with their own configuration, access, and apps. 

Reset devices while keeping organisational enrolment 

Simply removes the user-specific files, settings, and apps. 

How it works 

Here are the steps required for all deployment scenarios:

Device enrolment

The hardware vendor adds the device itself to the list of enrolled devices within the organisation.

Profile creation and assignment

Create a deployment profile for groups, then assign devices to that profile. 

Rolling out the device

On start-up, after connecting to a network, the device loads the assigned profile. 

Windows Autopilot deployment scenarios 

There are a few different ways in which you can set up and provision devices, ready for use. These include: 

A traditional approach, where IT administrative staff pre-provision the device in advance, ready for users to get up and running straight away 

A user-driven approach, where the user themselves can set up new Windows 10 Pro devices without any assistance needed, remote or on-site, using Microsoft Intune and Azure AD. This involves connecting to a network and using organizational email credentials to login and initiate the sequence. For complete instructions, head over to Microsoft. 

A hardware provider approach, similar to the traditional approach, but where hardware partners have the capability to pre-provision the device in advance. 

Requirements for Windows Autopilot 

There is a long list of requirements necessary to have in place before Windows Autopilot can be a successful program. Fortunately, if you have Azure AD implemented already, and you are provisioning new Windows 10-compatible devices, these requirements will already be in place.  

Device: 

  • Windows 10 Pro, Education, or Enterprise 
  • Proper internet functionality 
  • Windows Activation 
  • Network Time Protocol (NTP) Sync 
  • Domain Name Services (DNS) 
  • Network Connection Status Indicator (NCSI) 
  • Approved firmware 
  • Diagnostics data (optional) 
  • Windows Update (optional) 
  • Windows Notification Services (WNS) (optional) 
  • Microsoft Store (optional) 
  • Office 365 (optional) 

Other required organisational services: 

  • Windows Autopilot Deployment Service 
  • Windows Activation 
  • Azure Active Directory 
  • Intune 
  • Delivery Optimization (optional) 
  • Certificate revocation lists (CRLs) 
  • Hybrid AAD join (optional – if hybrid Azure AD is used) 

Licensing requirements: 

  • Microsoft 365 Business Premium subscription 
  • Microsoft 365 F1 or F3 subscription 
  • Microsoft 365 Academic A1, A3, or A5 subscription 
  • Microsoft 365 Enterprise E3 or E5 subscription 
  • Enterprise Mobility + Security E3 or E5 subscription 
  • Intune for Education subscription 
  • Azure Active Directory Premium P1 or P2 and Microsoft Intune subscription (or an alternative MDM service). 

Ready to streamline your device deployment? 

If you would like assistance in setting up Windows Autopilot for your organisation, along with guidance in how to set up profiles, roll out new devices, update existing devices, and wipe old devices, then get in touch. We can help set up your device management environment, educate the team in best practices for management, and have you smooth sailing when it comes to new, repurposed, or end-of-life devices. 

Subscribe to our newsletter

Enter your email and stay in touch with the latest updates from A1.

Call Now ButtonCall us now