Endpoint Manager - Import a Device into Autopilot

Owned by William Chattin
Last updated: Sep 26, 2024
3 min read

Follow these instructions when working with a device that’s been “Scorched”.

This page is being updated to match Windows 11

Hybrid AD is no longer supported by Microsoft Endpoint Manager and will no longer be used

Before following these instructions anything related to the device should be deleted including:

  • On Prem AD Device Records

  • Azure AD Device Records

  • Microsoft Endpoint Manager Device Record

  • AutoPilot Device Record

Wipe Device to Vanilla Windows 10

Using a USB drive with a bootable Windows 10 install you should wipe the device. Several tips that may help with this are:

  1. Delete the partitions of the device until there’s one large partition. Windows 10 will partition and allocate necessary space to partitions itself.

  2. You should avoid anything that would put a monolithic image on the device; the device must be at the blue Out of Box Experience screen to move forward.

Import the Device into AutoPilot

The device should be at the first blue screen for the out of box experience (aka Chose your region screen).

After you have network activity do the following:

  1. Press the combination of keys Shift-FN-F10

  2. This should open a command prompt window

  3. Type in powershell and press enter

  4. Type the following commands pressing enter between commands

    $serial = Get-WmiObject Win32_bios | Select -Expand serialnumber; Rename-Computer SSD-$serial; $env:Path += ";C:\Program Files\WindowsPowerShell\Scripts" Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned Install-Script -Name Get-WindowsAutoPilotInfo Get-WindowsAutoPilotInfo -online

     

  5. Answer “Yes” to all the questions that are asked during the PowerShell commands

  6. You will need to authenticate to Azure twice. You will use your USERNAME@ssdmo.org and SSDPassword to do this.

  7. You will see “Waiting for 1 of 1 to be imported and eventually 0 of 1 after the import is complete. This process may take a few minutes.

  8. You can type in the command “shutdown /s" after this is all done to shut the computer down.

  9. When it starts up next you can press the Windows key 5 times and chose Autopilot Preprovisioning. Following the prompts will white glove the system.

Enable the device in Azure AD (May not need to do this step anymore August - 2024)

  1. Navigate to Azure Active Directory

  2. Select "Azure Active Directory" on the left panel.

  3.  Select “Devices”

  4. Type the Serial Number of the device you just imported.

    1. Note that your device will have a red “No” for Enabled

  5. Click on the device record

  6. Click “Enabled” which will ask you to confirm the choice

  7. Scroll down and confirm the group “AutopilotComputers” is present on the device record.