cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask Microsoft Anything about Windows Autopilot: June 3rd, 2020
By
Michael Niehaus
Published May 07 2020 01:14 PM 11.1K Views
Michael Niehaus
Microsoft
‎May 07 2020 01:14 PM

Ask Microsoft Anything about Windows Autopilot: June 3rd, 2020

‎May 07 2020 01:14 PM

To answer questions and help you more easily set up and configure Windows 10 devices so end users can work productively (and securely) from anywhere, the Microsoft Endpoint Manager team will be hosting a one-hour Windows Autopilot AMA event on Wednesday, June 3, 2020.

ADD TO CALENDAR

To join, simply, visit the new Microsoft Endpoint Manager AMA space on June 3rd at 9:00 AM Pacific Time and click "Start a New Conversation" to post your question. This event is open to all Tech Community members and we'll have members of the Microsoft Endpoint Manager product and engineering teams standing by to provide answers—as well as members of the MVP community who can provide their real-world expertise.

What is an AMA?

An "Ask Microsoft Anything" (AMA) event is a live, online, text-based question-and-answer event similar to a "YamJam" on Yammer or an "Ask Me Anything" on Reddit. This AMA is your chance to get answers to your questions about things like:

  • Using Windows Autopilot with user-owned devices
  • Using Windows Autopilot to upgrade your Windows 7 devices to Windows 10
  • Deploying applications with Windows Autopilot
  • Your question here!

I'm in. How do I join?

  • The Microsoft Endpoint Manager AMA space will open at 10:00 a.m. PT June 2nd and remain open until 10:00 a.m. PT June 3rd.
  • You can post questions anytime during the 24-hour window. To submit a question, simply click Start a new conversation—and do this for each new question.
  • Our subject matter experts will be answering questions throughout the 24-hour window—and they will all be standing by live for the final hour, from 9:00-10:00 a.m. PT on June 3rd.
  • At the end of the AMA, the Microsoft Endpoint Manager AMA space will close and become a read-only resource. We will post a final recap within 72 hours.

Don't miss this chance to get answers to your questions. Click on the image below to add this event to your calendar. We hope you can join us!

windows-autopilot-ama.png

Also, this will be the first in a series of monthly Microsoft Endpoint Manager AMAs. Stay tuned to the Microsoft Endpoint Manager blog for details on future events.

 

6 Comments
Viral_Nagar
Copper Contributor
‎May 12 2020 03:10 AM
‎May 12 2020 03:10 AM

Kindly integrate perfect shapes as tools orior symbols inMin whiteboard just like paint.....

0 Likes
Like
qaissy
Copper Contributor
‎Jun 01 2020 01:39 PM
‎Jun 01 2020 01:39 PM

Q1. How to install apps post autopilot and after user login, not during ESP

Q2. Install apps using GraphAPI
Q3. Install policies using GraphAPI

0 Likes
Like
Niall Brady
Copper Contributor
‎Jun 02 2020 10:47 AM
‎Jun 02 2020 10:47 AM

When will we see Autopilot support for VPN with Hybrid Azure AD Join?

0 Likes
Like
Niall Brady
Copper Contributor
‎Jun 02 2020 10:51 AM
‎Jun 02 2020 10:51 AM

some more questions.

When will see accurate ESP reports ?

When will we see Enterprise wifi getting properly supported and not disconnecting during ESP ?

Can we add a smstspostaction type of action to autopilot enrolled pc's so that it automagically does an action on user login instead of having to run powershell scripts to schedule tasks ?

ASquareDozen
MVP
‎Jun 02 2020 11:38 AM
‎Jun 02 2020 11:38 AM

Be sure to post your questions in the AMA Space, not as replies here.

https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-ama/bd-p/MEM-AMA

 

2020-06-02_13-24-11.png

0 Likes
Like
JimParsons
Brass Contributor
‎Jun 03 2020 08:55 AM
‎Jun 03 2020 08:55 AM

All computers deployed via AutoPilot, AutoPilot Reset, or manual reset (settings, recovery, reset this PC) are deployed with the computer time zone being set to PST (Pacific Standard Time).  We are working with national and international customers that require AutoPilot computers being shipped globally but we are trying to deliver the “Zero Touch” Out of the Box experience to the end user.  In order to maximize security our standard AutoPilot deployment profile sets “User Account Type = Standard”.  Therefore when a computer is delivered, the recipient is unable to update their time or time zone without contacting support.  Additionally, if we try to assist the user with traditional web tools such as “MS Quick Assist” or 3rd Party tools, such as ConnectWise, Screen Connect, or TeamViewer the connection is established with the user’s credentials.  The moment the change is attempted MS User Access Control (UAC) kicks in and we are unable to see or assist with the dialogue box to enter alternative administrative credentials.  Our position is that we should be reducing software on computers to reduce the attack surface.  We should not have any administrative accounts on a local computer to reduce the attack surface.

 

We need to be able to set the clock automatically in Intune.  We also need it to be able to be changed/updated for travelling users in a Zero Touch manner.

 

 

How much revenue/pipeline for your company is this impacting?

 

This issue isn’t about revenue generation but is about reducing support expense, loss of productivity time, and time inaccuracies effect almost every aspect of computing from logs to file time stamps.  Everyone in the organization, except those individuals in the Pacific Time Zone, are effected.  Even those people in the PST are effected when they travel to any other time zone.

 

 

How many users total do you anticipate this impacts?

 

Every one in the company is affected.  Since we support multiple companies, I can safely say that this effects all users in all companies that use Intune deployments at some point.

 

 

Is this blocking the use of autopilot completely?

 

No, the inaccurate time stamp does not block the user of AP completely but unless corrected the issue has a severe negative impact on users.

 

 

The workarounds that I have attempted so far are described here:

 

I uncovered an article by Microsoft MVP, Peter van der Woude, from the Netherlands. He developed a Custom Device Configuration Profile using and OMA-URI setting that can set the time zone for a user at the time of deployment. This saves the user from having to set their Time Zone. However, it is a one-time setting and the user cannot change their TZ without admin support.  If traveling the user would need to manually change the setting to a new local time and again require admin support.

 

 

https://www.petervanderwoude.nl/post/configure-time-zones-via-windows-10-mdm/comment-page-1/?unappro...

(Note about this fix is that when I opened a ticket with MS support, I was offered this as solution as a work around.)

 

Another work-around suggestion is to create and send a PowerShell script to the computer  (see below)

 

Set-TimeZone -Id “Central Standard Time”

Start-Service W32Time

Restart-Service W32Time

 

Finally -

 

Nickolaj Andersen from MSEndPointMgr.com developed PowerShell scripting using Windows 10 location services and Azure Maps that can get Time Zones working but would also incur Azure charges.  The author notes that it currently works but if Windows code changes in anyway, it scripting can break and there would be no one to support the problem at that point.

 

https://msendpointmgr.com/2020/05/20/automatically-set-time-zone-for-devices-provisioned-using-windo...

 

 

Ultimately, we would like to see a native solution in Intune which just works.  Any help getting us toward that solution would be greatly appreciated!

 

Version history
Last update:
‎May 07 2020 01:14 PM
Updated by: