Windows Autopilot is modernizing the way you deploy Windows. It simplifies the process by eliminating the complexity associated with creating, maintaining, and distributing custom images while reducing the overall total cost of ownership.
We’re constantly improving Windows Autopilot based on the feedback that we receive from you and our other customers around the world. One of the most popular requests has been, “When will Windows Autopilot support on-premises Active Directory enrollment for Windows 10 devices?”
Today, we are excited to introduce support for Hybrid Azure AD join (on-premises AD) using Windows Autopilot user-driven mode. This capability is now available with Windows 10, version 1809 (or later).
In this mode, you can use Windows Autopilot to join a device to an on-premises Active Directory domain. Configuring this feature is very similar to the Windows Autopilot user-driven mode process today:
In the Create Profile blade for user-driven mode, there will be a new option under Join to Azure AD as labeled Hybrid Azure AD joined (Preview).
Selecting this option is all you need to do from a deployment profile standpoint to configure Windows Autopilot user-driven mode for Hybrid Azure AD.
The next step is to configure the new Intune Connector for Active Directory. This connector will be used by Microsoft Intune to communicate with your on-premises domain controller during the Windows Autopilot process.
The Intune connector requires a device configuration profile to specify the domain join and computer naming details. To set up this profile:
What’s great about Windows Autopilot user-driven mode for Hybrid Azure AD is that it benefits from the rest of the great features of Windows Autopilot. Not only is it compatible with the Enrollment Status Page, it also allows you to configure things like:
For detailed steps and requirements to set up Windows Autopilot user-driven mode for Hybrid Azure AD, as well as the Intune Connector for Active Directory, please see Windows Autopilot user-driven mode for hybrid Azure Active Directory join.
You can also watch this short video:
Earlier this year, we announced expanded partner support for Windows Autopilot, which helps make the registration process easier for new devices. We shared that Microsoft Surface, Dell, HP, Lenovo, and Toshiba are now participating device manufacturers for Windows Autopilot—with Panasonic and Acer coming soon. For existing devices, you could use a script to extract and upload device IDs to use with Windows Autopilot; however, this solution involved querying each device, which proved to be challenging for some organizations.
That is why we’re also excited to announce a new Microsoft Intune capability that will make it easier for you to use Windows Autopilot with existing devices by allowing you to automatically register all targeted devices with Windows Autopilot. Available as part of the Windows Autopilot deployment profile creation page in Intune, you will now be able to create a Windows Autopilot deployment profile and flag that profile so that it will automatically register any devices targeted by that profile into Windows Autopilot.
With this feature, you simply enable automatic Windows Autopilot registration in a deployment profile and target that profile to all devices in the organization. The next time a targeted device checks into Intune, it will be automatically registered into Windows Autopilot and show up in your list of registered devices.
In addition to the two new capabilities discussed above. Windows Autopilot can enable you to easily transform your existing Windows 7 domain-joined devices into Azure AD-joined devices running the latest version of Windows 10. For prerequisites and step-by-step instructions, see Windows Autopilot for existing devices. (And, to save up to 20 minutes during the deployment process, see Michael Niehaus’ blog post on Speeding up Windows Autopilot for existing devices.)
For truly zero-touch provisioning, Windows Autopilot also features self-deploying mode, which allows you to register a device in your Azure AD tenant, enroll the device in the your MDM solution, and ensure that all policies, applications, certificates, and networking profiles are provisioned on the device before the user ever logs on. For more information on this scenario, see Windows Autopilot Self-Deploying mode.
Whether you’re new to Windows Autopilot, or are looking to take the next step in leveraging this modern deployment method, we have resources to help you on your journey:
We also conducted two deep dive sessions at Microsoft Ignite that you can now watch on demand:
Continue the conversation. Find best practices. Bookmark the Windows 10 Tech Community.
Looking for support? Visit the Windows 10 IT pro forums.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.