Managing Windows 10 with Intune – AutoPilot Reset
Playing with the AutoPilot Reset and essentially refreshing my home laptops over and over, I thought why not just document and share it. I’m coming at this from a “Devices already managed” approach, so I did not pre-register my hardware ID’s for the full white glove experience.
Starting out, I created some device compliance policies that look for how BitLocker and Windows Defender are configured.
Then created my Device Configuration Profiles for BitLocker and the MDATP on-boarding package.
I also decided to test out one of the newer features in Intune, Security Baselines. Windows 10 Security Baselines have made managing device security much easier. They’re bundled configuration settings recommended by Microsoft based on its own security engineers as well as the community. Docs link below.
https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-security-baselines
Here I have some apps that I’d like installed by default.
For this test I’m using a Self-Deploying autopilot profile for my Deployment Mode.
Once I have all my policies and profiles created, I can trigger the AutoPilot reset, notifying the end user that they’ll be logged off.
And away we go with some high definition pictures:
Once all that is complete, I login and get presented a nice clean device with my basic apps already loaded.
Here I can see the clean slate of apps I’m starting with.
And that’s it, a nice easy way to refresh your machines.
More “Managing Windows 10 with Intune” blogs to come!