Windows Autopilot deployment profiles Issue

Copper Contributor

Hi Community Support

 

Anyone who can help me figure it out this issue.

 

1. created a sec group for intune licenses (added all AAD USERS), and added Microsoft 365 E5 License.

2. created a "Windows Autopilot deployment profiles:. the OOBE settings below are not being pulled when I initiate an autopilot.

3. settings ALL NOT REFLECTING

Deployment mode: User-Driven
Join to Azure AD as: Azure AD joined
Language (Region): English (United States)
Automatically configure keyboard: Yes
Microsoft Software License Terms: Hide
Privacy settings: Hide
Hide change account options: Hide
User account type: Standard
Allow White Glove OOBE: No
Apply device name template: Yes
Enter a name: HELLO-%RAND:4%   

 

4. Am I missing something on the provisioning?

13 Replies

@gtoribio 

 

Hi, how are you trying to test this?  On new devices shipped from your OEM, or by reformatting an existing Windows 10 machine or upgrading a Windows 7?  If the latter, have you created a csv file for the machine and imported into Windows Autopilot devices as shown in the below image?

 

Screenshot 2020-05-04 at 06.49.23.png

@PeterRising I did the import(machine1) and manually joined (machine2) and also I was able to push remote autopilot reset to these 2 machines. what I don't get is why it doesnt get the autopilot profiles I created.

Machines are 1 physical machine lenovo t470 and machine 2 is VM both are in 1909 version.

 

please see attachment details(not sure if it helps)

@gtoribio 

 

OK, Profile status needs to show as Assigned before this will work, and it can take some time for this to happen.  How long has it been since you configured these settings?

@gtoribio 

 

Also, is the device in the Autopilot device group that you created?

@PeterRising since saturday May 2 2020. based on the windows autopilot profile, no devices. see attached file.

@PeterRising I havent created the machine sec group(assigned type)..I'm doing it now. I will autopilot reset again and try if it sees from the autopilot profile I created. and if it will work, I test too the dynamic group setup.

@gtoribio 

 

Ah, the group is important.  Hopefully this will kick it into life for you. :smile:

@PeterRising It worked. fixed using Group Assigned and Dynamic Device. 

 

Another 2 issues related to Autopilot Profiles are:

1. I have machine where I autopilot reset, and then when I logged in as standard user, the old user account(auto added as local administrator) still there.

2. Machine name conversion is not following the rule set DYD-%RAND:5% or DYD-%SERIAL%

 

is it related to microsoft announcement. any knowledge about it? https://techcommunity.microsoft.com/t5/intune-customer-success/known-issue-with-rename-device-settin...

@gtoribio 

 

Glad to hear it worked for you.  To answer your questions;

 

1). The Admin user issue is highlight from this known issues page - https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/known-issues and shown below;

 

Screenshot 2020-05-04 at 11.45.12.png

 

2). Machine name conversion issue, What machine name is being generated in the autopilot setup?  A random name?  I do know that this doesn't work / work well with Hybrid Azure AD join,  but you are using just Azure AD join right?

 

@PeterRising 

 

1). this is purely Intune & AAD. The machine was AAD joined(automatically added as local admin), and then repurposed to a standard user(autopilot reset). I can still see the previous user(local admin) after autopilot reset. My solution might be:

  • Use the  "wipe action" to totally remove the prev AAD local administrator owner because it already offers the wipe action to keep the enrollment record on my tenant. I hope will completely remove the prev. user.

2) The naming conversation reflected in intune/aad is the same as the device name. No changes at all.

I found the solution, instead of using MyCompany-%RAND:5% or %SERIAL%, use this format MyCompany-{{serialnumber}} or MyCompany-{{RAND:5}} 

 

:xd::xd::xd:

 

@gtoribio 

 

Nice work.  I think that you have two good solutions there.  :smile:

@PeterRising I found the solution, instead of using MyCompany-%RAND:5% or %SERIAL%, use this format MyCompany-{{serialnumber}} or MyCompany-{{RAND:5}} 

 

****Correction: got excited. this will only work if you are renaming each of the devices. it does not accept if you apply this kind of format on "Windows Autopilot deployment profiles". :(

@gtoribio 

 

Well I'm pleased you were at least able to get it working with the group.  I'll have to play around with the naming templates when I have some time, as i've never really applied this.