Windows AutoPilot introduces a faster, more reliable way to deploy Windows and applications to devices. For most IT pros, configuring Windows OS on new devices is a painstaking process. For years, System Center Configuration Manager (SCCM) has been the go-to for OS deployment. While some organizations still use SCCM for software/hardware inventory and software updates, a large chunk of those duties has been taken over by Intune — which is Near Zero Touch.
But what about OS deployment? Most organizations still lean on reloading the OS with custom images for standard deployment. But what if there was a better way? As Microsoft continues to push further into the automation space, saving brands time, money, and plenty of headaches along the way, OS deployment is its newest target. And Windows AutoPilot is the solution.
Windows AutoPilot can help you deploy faster and save you plenty of time and money. Let’s look at how it works, its integration with Intune and Azure AD, and what a typical AutoPilot use case might look like.
What Is Windows AutoPilot?
Windows AutoPilot is a Near Zero Touch end-to-end Windows device management solution. Think about your organization’s typical device lifecycle management process for a second. You probably maintain WIM files for every device model and OS version. And, this process of managing custom images can be a huge time sink. For starters, you have to build each custom image — which requires upfront labor costs and resources. Then, you have to establish the infrastructure necessary to maintain those images. Finally, you have to utilize those images appropriately and keep them in a ready-to-use state for each new device model introduced into your business ecosystem. Plus, let’s not forget that you’ll have to update those images with each Microsoft update — which can add a layer of frustration on top of an otherwise positive experience.
Windows AutoPilot lets you say goodbye to those custom images, and hello to automated OS deployment. And you can:
- Join devices with Azure AD automatically
- Enroll devices in Intune automatically
- And, best of all, the only interaction required during OS deployment is the connection to the network and credential input. Beyond that, everything is automated.
That means that you no longer have to purchase thousands of devices, ship them to IT, wipe them, upload custom images, and then redeploy them to the workforce. In fact, IT doesn’t have to touch the device at all. Instead, users simply connect to the internet, log in, and AutoPilot takes care of the rest.
But, let’s not get ahead of ourselves. To fully understand AutoPilot, you need to know about Intune and Azure AD.
What Is Microsoft Intune?
AutoPilot acts as the lever that unlocks automated Intune deployment. So, to understand AutoPilot, you have to understand Intune. The easiest way to describe Intune is as a cloud-based device manager. But, it’s really an overall enterprise mobility management solution (EMM) since it helps with compliance, mobile provisioning, and security.
Intune enrolls devices into your IT ecosystem, configures those devices, reports, and even helps with the removal of enterprise data from devices post-use. Intune works with all Windows OS devices AND Mac OS. And, you can grab some handy-dandy third-party integrations to include Linux in that list. Intune acts as your primary device management tool, and it has largely overtaken Systems Manager for a large portion of device management use cases.
What Is Azure AD?
Azure AD is Microsoft’s identity management solution. There’s universal identity management value packed into Azure AD — and it’s rapidly become a staple of Microsoft ecosystems. But, it’s important to note that Azure AD can handle your entire tech ecosystem. And, you can use Azure AD Connect to sync identity control across your tech stack. This makes Azure AD a centralized identity solution instead of a Microsoft-specific granular system.
To learn more about the license requirements for Azure AD, click here.
Understanding the AutoPilot Intune Relationship
The out-of-the-box promise that AutoPilot delivers hinges on Intune — which acts as the driver that pushes installs and updates to devices. Here’s how it works.
- IT configures the AutoPilot workflows and registers devices in Intune. IT will have to grab the device ID from the hardware vendor during this step.
- Your business buys new devices.
- Users unbox the devices and sign in to their Microsoft account (with an active network connection)
- Intune syncs AutoPilot and the devices and pushes configurations and updates for the devices.
A Couple of Points to Note
- AutoPilot works by joining the device into Azure AD. So, if you’re using a hybrid setup (not a full Microsoft ecosystem), you’ll still probably use MCM and AD to assist in the device setup workflows. But, you can go in and manually provision existing devices into your Azure AD tenant. So, AutoPilot is still valuable for your existing assets as well as your new ones.
- AutoPilot requires one of the following licenses — Microsoft 365 Business, Microsoft 365 F1, Microsoft 365 E3 or E5, Enterprise Mobility & Security E3 or E5, or any other license that provides AAD/MDM services.
- Your vendor needs to support AutoPilot. Almost all vendors that already support SCCM custom image builds have joined on with AutoPilot. But, there are certainly use cases where vendor support is nonexistent.
- You need Windows 10 version 1703 (or later)
While AutoPilot is meant for Windows 10 devices only, Intune can be used to provision all of the mobile devices in your enterprise. Matt Soseman talked about that in our latest Agile IT tech talk here.
A Deep Dive into Windows AutoPilot (Use Cases + Benefits + Detailed Breakdown)
Our friend Matt Soseman recently broke down the benefits of AutoPilot succinctly. But, we’re going to dive a little deeper into its use cases and benefits. Again, this is an emerging technology, and it’s not disruptive, and it doesn’t require a bunch of additional tech to utilize appropriately. Really, AutoPilot is about achieving three primary goals.
- Saving money and time by reducing IT staff touchpoints.
- Introducing ease-of-use into device config.
- Continuing to revolutionize cloud services by shrinking the gap between hardware and cloud.
It’s easier to think of AutoPilot as an evolution of device management. Contained within these three primary drivers, there are loads of benefits. In his video, Matt lists some benefits.
IT No Longer Has to Maintain Images and Drivers
Custom images are definitely a pain. Not only do they require significant time investments to create (plus you have to update ALL of them with each rollout), but they require you to literally wipe every device that comes through the doors. AutoPilot and Intune require absolutely no custom images, and you’ll only need to reach out to the manufacturer to grab the device ID during the provisioning stages of Intune.
IT Doesn’t Have to Touch the Devices (Near Zero Touch)
Remember, AutoPilot is grabbing provisioning info from Intune, so IT doesn’t have to actually touch the device. It’s not that IT never has to touch the device (they still may have to configure admin rights), but they will have to deal with devices MUCH less often. Users are provisioning their own devices via a login. AutoPilot/Intune take care of the rest.
Simple Process for End-Users
Let’s be honest; user-end cloud automation is only valuable if it’s simple. And, AutoPilot is the definition of simple. Users will take a total of two steps — connecting to the network and logging in. That’s it!
Easy Integration for the Whole Device Supply Chain
Intune is certainly valuable throughout your supply chain. And, AutoPilot can do much more than OS deployment — it can also reset, repurpose, and recover.
Easily Reset Devices Back to a Business-Ready State
IT can roll back devices to previous states rapidly via AutoPilot/Intune integrations.
Remember, AutoPilot is automatically joining devices to Azure AD and enrolling them into Intune for device management. This is a huge timesaver.
A Typical Windows AutoPilot Use Case
Let’s look at how you would typically use AutoPilot for device management.
To start, your organization will register with AutoPilot. If you’re just starting, you’ll have to go in and manually add each device that you already have within your tech ecosystem. New devices will likely be automatic as most vendors have signed on with AutoPilot. So, when you purchase a new device, IT will only need the AutoPilot device ID from the vendor side.
Next, IT will be responsible for configuring AutoPilot and setting up profiles. IT can choose which profiles have admin privileges and which don’t during this phase (note: you can add privileges later as needed). This is pretty much the last step where IT needs to get involved. That’s right! No custom image files and no manual device wipes. In fact, you’ll ship devices straight to the user, who will provision their own device via self-service.
Once the user has the device, they connect to the enterprise network and sign in. From here, AutoPilot will recognize the device and start pushing configurations into the device via the cloud. This means that IT doesn’t have to spend valuable time hydrating drivers and updating apps. It’s all automated.
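For the existing devices that have to be added by hand, the device ID can be captured on the device itself with Microsoft's Get-WindowsAutopilotInfo script from the PowerShell Gallery. The following is an added example, not part of the original article; the folder, the file name and the pre-import checks are assumptions made for illustration.

```powershell
# Run in an elevated PowerShell session on the existing device.
[Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12
$outDir = 'C:\HWID'                              # example folder (assumption)
$csv    = Join-Path $outDir 'AutopilotHWID.csv'  # example file name (assumption)
New-Item -ItemType Directory -Path $outDir -Force | Out-Null
$env:Path += ';C:\Program Files\WindowsPowerShell\Scripts'

# Relax the execution policy for this process only, then fetch and run the script.
Set-ExecutionPolicy -Scope Process -ExecutionPolicy RemoteSigned -Force
Install-Script -Name Get-WindowsAutopilotInfo -Force
Get-WindowsAutopilotInfo -OutputFile $csv

# Check the export before it is imported into Intune.
$rows = @(Import-Csv -Path $csv)
$problems = @(foreach ($row in $rows) {
    $serial = $row.'Device Serial Number'
    $hash   = $row.'Hardware Hash'
    if ([string]::IsNullOrWhiteSpace($serial)) { 'Row with an empty serial number' }
    if ([string]::IsNullOrWhiteSpace($hash)) {
        "Serial '$serial': hardware hash is empty"
        continue
    }
    # The hash is exported as a base64 string; a truncated copy fails to decode.
    try { [void][Convert]::FromBase64String($hash) }
    catch { "Serial '$serial': hardware hash is not valid base64" }
})

# A file merged from several devices must not list the same serial twice.
$problems += @($rows | Group-Object -Property 'Device Serial Number' |
    Where-Object { $_.Count -gt 1 } |
    ForEach-Object { "Serial '$($_.Name)' appears $($_.Count) times" })

if ($rows.Count -eq 0) { $problems += 'No device rows found in the export' }
if ($problems.Count -gt 0) {
    $problems | ForEach-Object { Write-Warning $_ }
    throw "Fix $($problems.Count) problem(s) before importing $csv"
}
Write-Host "$($rows.Count) device(s) ready for import from $csv"
```

Anyone who can register a device ID in your tenant decides which hardware is joined and enrolled automatically, so treat the exported CSV and the right to import it as privileged.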
AutoPilot is an incredibly valuable tool for IT pros and businesses who want to save time, money, and frustration during the device provisioning process. And AutoPilot joins the long list of Microsoft cloud solutions aimed at making life easier for business users. Are you interested in acquiring an AutoPilot license or setting up your AutoPilot environment? Contact us! We’re award-winning Microsoft Partners who are ready to help you evolve your IT ecosystem to gain a cutting-edge advantage on your competition.