Windows Autopilot - OEM and User-Driven Mode

We currently have Autopilot User-Driven mode working for Hybrid join and co-management. The problem is that getting the system ready with all configuration and software from Intune and MECM takes 90 mins, and the user has to wait this long for their device to be ready, from the time they unbox it to the time everything is complete.

Pre-provisioned deployment allows an OEM or IT function to add software before shipping to the user, thus reducing the time at the user end before the system is fully ready. The problem for us is that it is in public preview, so we cannot use it in production as it's against our policy.

So I was wondering the following:

Q: What is (or would be) preventing us from using a single (or multiple) generic IT accounts to drive user-driven deployments? For example:

  1. OEM or IT admins sign in to the devices with these generic accounts and kick off Autopilot by signing in to Azure AD with MFA etc.
  2. Cloud management gateway used to deliver most of the software to the SYSTEM, as we don't really use per-user apps
  3. Once complete, we ship to the user

The only issue I see up front may be BitLocker and where to store the recovery keys.
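On the BitLocker point raised above, one practical check is to confirm on each device, before it ships, that every encrypted volume has a numerical recovery password protector and that the protector has been escrowed to Azure AD, so the key is recoverable regardless of which generic account performed the enrolment. The script below is an added example and is not from the original post or from Microsoft; it assumes it is run elevated on a Windows 10/11 device that is Azure AD joined or hybrid Azure AD joined, uses only the built-in BitLocker PowerShell module, and the function name `Confirm-BitLockerKeyEscrow` is the author's own.

```powershell
# Added example, not part of the original post.
# Assumes: elevated PowerShell on an Azure AD joined or hybrid Azure AD joined
# Windows 10/11 device; the built-in BitLocker module provides the cmdlets used.
#Requires -RunAsAdministrator

Import-Module BitLocker

function Confirm-BitLockerKeyEscrow {
    [CmdletBinding()]
    param()

    $results = @()

    foreach ($vol in Get-BitLockerVolume) {
        # Skip volumes that are not actually protected; report them so they are not missed.
        if ($vol.ProtectionStatus -ne 'On') {
            $results += [pscustomobject]@{
                MountPoint  = $vol.MountPoint
                Status      = 'ProtectionOff'
                ProtectorId = $null
            }
            continue
        }

        # Ensure a numerical recovery password protector exists; add one if it is missing.
        $rp = $vol.KeyProtector | Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }
        if (-not $rp) {
            Add-BitLockerKeyProtector -MountPoint $vol.MountPoint -RecoveryPasswordProtector | Out-Null
            $rp = (Get-BitLockerVolume -MountPoint $vol.MountPoint).KeyProtector |
                  Where-Object { $_.KeyProtectorType -eq 'RecoveryPassword' }
        }

        # Escrow each recovery password to Azure AD so it is tied to the device object,
        # not to whichever account ran the Autopilot enrolment.
        foreach ($p in $rp) {
            try {
                BackupToAAD-BitLockerKeyProtector -MountPoint $vol.MountPoint `
                    -KeyProtectorId $p.KeyProtectorId | Out-Null
                $status = 'EscrowedToAAD'
            }
            catch {
                $status = "EscrowFailed: $($_.Exception.Message)"
            }
            $results += [pscustomobject]@{
                MountPoint  = $vol.MountPoint
                Status      = $status
                ProtectorId = $p.KeyProtectorId
            }
        }
    }

    return $results
}

# Usage: run once per device before it leaves the staging area; anything that is not
# 'EscrowedToAAD' for every protected volume should block shipping.
Confirm-BitLockerKeyEscrow | Format-Table -AutoSize
```

For a hybrid-joined device the same recovery password can additionally be written to the on-premises AD computer object with `Backup-BitLockerKeyProtector`, and Intune's disk encryption policy can be configured to escrow keys to Azure AD automatically; the script is the belt-and-braces check that the escrow actually happened on the devices that were staged with a generic account.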