Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

...

...

...

Table of Contents
minLevel1
maxLevel7
Info

You must bind the device being enrolled to the on prem AD Domain

Adding a Device record to Group Membership in Azure Active Directory

To access Azure Active Directory you can chose the Admin Tile within Office 365 or follow this LINK. After clicking on the link you will need to select Azure Active Directory.

  1. To get to the main options for Azure AD click the Azure Active Directory on the left panel

    Image Removed
  2. First, let’s make sure that the device is in Azure AD after being bound to the on prem AD domain

  3. Under the Manage selections chose “Devices”

    Image Removed
  4. Search for the computer name of the device we want to enroll

    Image Removed
  5. Click on “Azure Active Directory” on the left to go back to the original set of options

    Image Removed
  6. Select “Groups” from the panel to the right.

  7. Search for the ManualAutoPilot group

    Image Removed
  8. Click on the ManualAutoPilot group to open up the options for that group

    Image Removed
  9. We want to add the device that is enrolling to this group so you will select “Members”

  10. After selecting “Members” you should click the “+ Add Members”

  11. Search for the computer name or Azure ID of the device you want to add to the group

  12. Click on the device and then click on the blue “Select” button

    Image Removed
  13. You are ready to reset the device.

Reset the Device using Windows 10 Reset Options

...

Clicking the start button you can search Reset this PC.

...

Under Reset this PC, click Get started.

Follow the instructions on the screen.

...

You will want to “Remove Everything”

...

Follow these instructions when working with a device that’s been “Scorched”.

Warning

This page is being updated to match Windows 11

Note

Hybrid AD is no longer supported by Microsoft Endpoint Manager and will no longer be used

Info

Before following these instructions anything related to the device should be deleted including:

  • On Prem AD Device Records

  • Azure AD Device Records

  • Microsoft Endpoint Manager Device Record

  • AutoPilot Device Record

Wipe Device to Vanilla Windows 10

Using a USB drive with a bootable Windows 10 install you should wipe the device. Several tips that may help with this are:

  1. Delete the partitions of the device until there’s one large partition. Windows 10 will partition and allocate necessary space to partitions itself.

  2. You should avoid anything that would put a monolithic image on the device; the device must be at the blue Out of Box Experience screen to move forward.

Import the Device into AutoPilot

The device should be at the first blue screen for the out of box experience (aka Chose your region screen).

Info

Please use a wired network during these processes. If you must absolutely use wireless this is how you’ll have to do it:

  1. Press the combination of keys Shift-FN-F10

  2. A command prompt window will open

  3. Type in the following command

    Code Block
    start ms-availablenetworks:

  4. This should open the wireless network selection box in the bottom right corner

After you have network activity do the following:

  1. Press the combination of keys Shift-FN-F10

  2. This should open a command prompt window

  3. Type in powershell and press enter

  4. Type the following commands pressing enter between commands

    Code Block
    $serial = Get-WmiObject Win32_bios | Select -Expand serialnumber; Rename-Computer SSD-$serial;
    $env:Path += ";C:\Program Files\WindowsPowerShell\Scripts"
    Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned
    Install-Script -Name Get-WindowsAutoPilotInfo
    Get-WindowsAutoPilotInfo -online

     

  5. Answer “Yes” to all the questions that are asked during the PowerShell commands

  6. You will need to authenticate to Azure twice. You will use your USERNAME@ssdmo.org and SSDPassword to do this.

  7. You will see “Waiting for 1 of 1 to be imported and eventually 0 of 1 after the import is complete. This process may take a few minutes.

  8. You can type in the command “shutdown /s" after this is all done to shut the computer down.

  9. When it starts up next you can press the Windows key 5 times and chose Autopilot Preprovisioning. Following the prompts will white glove the system.

Enable the device in Azure AD (May not need to do this step anymore August - 2024)

  1. Navigate to Azure Active Directory

  2. Select "Azure Active Directory" on the left panel.

    Image Added
  3.  Select “Devices”

    Image Added
  4. Type the Serial Number of the device you just imported.

    1. Note that your device will have a red “No” for Enabled

      Image Added
  5. Click on the device record

  6. Click “Enabled” which will ask you to confirm the choice

  7. Scroll down and confirm the group “AutopilotComputers” is present on the device record.

    Image Added
Note

Allow the computer to remain online for 20 - 30 minutes. This will give it time to sync across the management system and download the correct profile. Restart the computer and then it will be ready for the user to log into the device.

Page Contents

Table of Contents
minLevel2
maxLevel7
absoluteUrltrue