Windows 11 Deployment Question & Suggestions

Brass Contributor

Hello all,

 

Just looking for some guidance please.

 

End User Requirements.

 

  1. Deploy Windows 11 (Laptops) via Intune and/or Autopilot
  2. With two local admin accounts (or at least one)
  3. Laptop built before getting handed to end user
  4. Device will be off the network for several months but will get connected for updates when possible
  5. No requirement for Microsoft applications, eg Outlook , Teams etc
  6. USB ports enabled
  7. End user will install and update the apps they require via usb

Any solutions greatly appreciated.

 

 

 

2 Replies
Please see responses below -

Deploy Windows 11 (Laptops) via Intune and/or Autopilot - RJ Yes
With two local admin accounts (or at least one) RJ - Yes. You can create custom accounts with or without the use if LAPS.
Laptop built before getting handed to end user - RJ - Pre-provisioning may be go to method here.
Device will be off the network for several months but will get connected for updates when possible - RJ - Yes, but you may have to relax your compliance and cleanup policies.
No requirement for Microsoft applications, eg Outlook , Teams etc - RJ No or is there a requirement? All the referenced apps can be installed during provisioning.
USB ports enabled - RJ - Yes, through Device control.
End user will install and update the apps they require via usb - RJ - Yes, but not recommended from a security standpoint.
A little update

1) - Windows 11 successfully deployed.
2) - Have created a powershell scrip to create a local admin account , but isn't working.
Points 3 , 4 , 6 & 7 are all ok.
5) I have created a script to remove the preinstalled O365, Outlook and Onedrive, the scripts reports back it is successful, but the apps remain.

Any advice welcome