Loading custom OS images to hundreds of Windows 10 devices is a more common IT nightmare than we ever dare to acknowledge. There’s only so many times we can sit through the tedium of the new setup process in our desperate race to get things ready for new employees as fast as possible.
But what if you could give your team Windows 10 devices off-the-shelf, without the need for extensive IT intervention? That’s what Windows AutoPilot, the new initiative from Microsoft, makes possible.
What is Windows AutoPilot?
Windows AutoPilot is a new cloud-based management service from Microsoft that streamlines the Out of Box Experience (OOBE) of your Windows 10 devices. It makes it possible for the end-user to set up their device from first boot in just a few clicks, without them needing to seek out IT assistance.
The typical new device experience requires you to manually configure OEM registration, privacy settings, OneDrive and other time-consuming processes. It’s boring, costly and a hassle for both end-users and IT admins, especially when you must deploy hundreds of devices for organisational use.
The idea behind Autopilot, then, is to prompt the device via Microsoft cloud services to skip all of these tedious steps and get it work-ready as soon as possible through smart pre-configuration.
What are the benefits of Windows AutoPilot?
Setting up new devices for new users is a tiresome process for any business.
Someone has to create and customise a Windows image, install the right apps, drivers, policies and settings, and then apply and maintain that image on all of your organisation’s devices. Whether it’s your IT team or your vendor that handles the device provisioning, it costs serious time, effort and money.
Windows AutoPilot completely removes the need for anyone to manually deploy custom OS images, install drivers or manage infrastructure. It also provides a number of benefits that makes it practically essential for any business handling hundreds of Windows work devices.
- Customised out-of-box experience: The OBBE can be customised to your company’s liking by pre-configured setup. Allow end-users to skip entire sections requiring manual input, such as Work or Home usage selection, OEM registration, privacy settings, UELA, OneDrive and Cortana.
- Company branding: Autopilot can be used to enable your company branding in the OOBE setup process across all your shiny new devices, though it needs to be configured in your Azure Active Directory first.
- Disabled local administrator permissions: By pre-configuring the OBBE and other settings with Autopilot, you can ensure only upper management can enable admin permissions for Autopilot-registered Windows 10 devices.
- Mobile device management (MDM) enrollment: Once your Windows 10 device joins Azure AD, Autopilot ensures your device is automatically enrolled with MDMs such as Microsoft Intune. This program can automatically push configurations, policies and settings to the device, and install Office 365 and other business apps without you having to get IT admins to manually sort the device. Intune can also apply the latest updates from Windows Update for Business.
With new updates regularly released, AutoPilot’s many advantages are growing at a steady rate.
How does Windows AutoPilot work?
When your business has to hand out Windows 10 PC or laptop devices to a new user, Autopilot fastracks the entire process for both parties through the cloud. Here’s an easy step-by-step-breakdown:
Step 1: The device owner (you) manages all their Windows 10 devices by deploying an AutoPilot deployment profile or multiple profiles. These settings pre-configure Windows and the OBBE setup on your new devices, meaning no manual setup for each device.
Step 2: When your user gets their Windows 10 device and powers it on, all they have to do is select language, choose keyboard layout, and connect to a network as normal.
Step 3: Once the device is online, it is automatically recognised through Microsoft Cloud services as belonging to your company. Your Azure Active Directory (AAD) then prompts the delivery of the AutoPilot deployment profile you pre-configured to deliver the streamlined OBBE setup process.
Step 4: Remember the tedious privacy settings, OEM registration, Cortana setup and OneDrive setup? The user sees none of these sections anymore because you set it up in advance. All your users then need to do is sign in with their Azure AD login.
Step 5: Once the user’s login details are authenticated, the device joins Azure AD and is ready to use.
When properly deployed, AutoPilot is an essential tool for both the IT department and new employees.
What do I need to enable Windows AutoPilot?
Autopilot is available for all Windows 10 devices with the Windows 10 Creators Update (1703 or later).
In addition, your organisation must have either a P1 or P2 Azure Active Directory subscription to be eligible for the AutoPilot Deployment Program, which enables its functionality by joining your Azure Active Directory in Windows 10 OOBE.
All Windows 10 devices must also be connected to the Internet during its setup so AutoPilot can connect. If the device doesn’t have access to the Internet, your AutoPilot deployment profile cannot be delivered to the device and only the default OOBE will occur during new device setup.
How do I register my new devices with Windows AutoPilot Deployment?
All organisations must pre-register devices with the Windows Autopilot Deployment Program to enable Autopilot’s many benefits, but the process is simple and the value it offers well worth the minor effort.
- Acquire the hardware ID: When you acquire new devices, your hardware vendor provides you with a CSV file containing device IDs. All you need to do is upload this device ID file into the AutoPilot Deployment Program using your Azure Active Directory (AAD) tenant to claim ownership.
- Send hardware ID to OEM: You can alternatively email Microsoft directly at firstname.lastname@example.org and provide your OEM authorisation to register your Windows 10 devices to Windows AutopPilot Deployment Service on your behalf, and you only have to provide Microsoft your Azure AD TenantID and Azure AD domain.
- OEM registers your devices via Microsoft Partners Centre: In the near future, Microsoft plans to make it even easier for hardware vendors to perform pre-registration on your behalf without you having to send them anything manually or uploading to AAD.
Getting all your new devices AutoPilot ready is getting easier with each passing day due to Microsoft’s active effort to make it a staple Windows as a Service feature.
How do I register existing devices with Windows AutoPilot Service?
If you have existing Windows 10 devices on Update 1703 or later, you can extract its hardware details manually via PowerShell.
Microsoft published a PowerShell script that gathers the information you need to upload to AutoPilot Deployment Program, via Microsoft Store for Business, Microsoft Partner Center and Intune (in the near future).
When will Windows AutoPilot become ‘zero-touch’?
Windows Autopilot has proven popular among proactive businesses since its original launch as part of the Fall Creators Update in June 2017 – and Microsoft has taken notice.
The most recent Windows 10 April 2018 Update (version 1803) included a number of AutoPilot features based on user feedback, including an enrollment status page for every device to let you know when devices are business-ready and automatic profile assignments.
Microsoft recently announced in June the introduction of several new ‘zero-touch’ AutoPilot capabilities to be added in in the Windows 10 Fall Creators Update release later this year, including:
AutoPilot Reset: Device owners can reset their Autopilot-configured Windows 10 devices and re-deploy them in a business-ready mode for a new user, without physically accessing the device. You also don’t lose any access to MDM enrolments, and you can just click a button in Intune to reset.
Self-Deploying Mode: Device users can power on their new Windows 10 device and have it ready for business use immediately with ‘zero-touch’ or any input at all. This means you can even skip basic settings like language, region and keyboard, which are currently required.
If your business is in the Windows Insider program, you can download Windows 10 test build 17672 (or above) and gain early access to these new zero-touch features.
Why should I use Windows AutoPilot?
With its proven streamlining, time-saving and cost-saving benefits, along with several new features in the pipeline, it’s all the more important to find out how AutoPilot can benefit your business.
More Windows 10 OEMs and vendors are supporting Windows AutoPilot, which means more devices are already registered in the program the moment you purchase them, making it easier to jump in.
Dilignet has helped several businesses in Melbourne register and deploy AutoPilot across their network of devices and enjoy simplified device setup. If you’re interested in learning how and why AutoPilot should be applied across your organisation, get in touch with our team today.