Deployi Windows 10 With Autopilot in Microsoft 365 Endpoint Manager
Вставка
- Опубліковано 12 лип 2024
- In the past Windows deployment for many was the stuff of nightmares and many long nights. Now I'm delighted to say that with the cloud, it's a snip. Microsoft Endpoint Manager make the whole experience so much more pleasurable. So much so, that you might actually find time to catch up on some of those shows you've been missing on Netflix. In this episode I demo from start to finish deploying Windows 10 using the wonderful Autopilot in Endpoint Manager. Once managed, you can then control those machines with profiles, software updates and apps. Enjoy, and as alway I love your feedback and comments. Visit my website at www.Andymalone.org
- Наука та технологія
Really, really great stuff. I needed to get the "gist" of Intune in an hour. You cut right to the chase, you're a great teacher, and you have a very affable manner. Thank you!! Subscribed!
Awesome, thank you!
Thank you! I appreciate the valuable content that you always bring.
Thank you for the kind comment 😊👏
Really enjoying your videos on Microsoft Endpoint Management - Using them to compliment my study resources for the MD-101 exam. 👍
Thanks Dan I’m delighted to hear that and good luck with the exam. Let me know how you get on.😊👍
Thank you Andy. Very clear explaination.
You’re welcome 😊
Great video !!! Go ahead with more stuff like this
Thanks for your kind comment, and you’re very welcome.
Fantastic! Thank you for this
Hi Kevin, I'm delighted to hear that, and thanks for dropping by. :-)
you are an amazing teacher!
If you’re learning that is my goal. It means I’m doing something right 😊thanks for the kind comment.
Thanks Malone. nice!
great .. thank you
Thanks a lot
you're very welcome.
great video
Great video, thank you! :) Btw, i hope you meant to say "Delete my files" at 10:27 as you said "Keep my files" :D
Oops :-D
Andy, great video ! Thanks a lot for it.
I would like to ask you a question.
Is it possible to turn off the need to provide a second token (mobile phone or other telephone number) during the start up ?
I didn't found any button or other option to turn it off.....
Thanks in advance
Martin
Hi Martin. Hmm thats a good question. Honestly, I don't think so.
Amazing video, straight forward demonstration.
1. Is there a way to get the device id for all workstations in my company?
2. in case we are on a hybrid environment (Local AD & Azure AD) would this work ? although our users joined to the local domain?
2. Can we automate the process of onboarding devices to autopilot?
Many thanks.
Delighted you enjoyed the video :-) Answers to your questions 1 - Yes get the script at powershellgallery.com 2 - On prem required System Center Endpoint configuration manager (local branch) to admin on prem machines. Intune manages in cloud devices. The current branch bit extends the capabilities of SCCEM to include intune templates to manage both.
Thank you for your video Andy, really straight to the point. I've just a doubt, if I buy let's say 50 Laptop and the vendor got me the keys, so I add them to a group and they do not have windows installed on, how can I provide a version of windows to the laptop, with the license E5 which has also Windows enteprise? How can the laptops get the licenses and then install Windows just with the license?
Thank you in advance for the answer!
Since this video was produced things have been updated. I would advise you to take a quick look at learn.microsoft.com and the appropriate auto pilot documentation as there is a full walk-through guide here. Best of luck and thanks again.
Hey andy you look similar to Gary Barlow! lol good video btw
You crack me up man :-D I wish I had his money!
Andy, is there a way for devices to domain join the on-prem AD first before the azure AD join with auto-enrollment so to have a hybrid device? For my environment, this isnt an ideal solution since we have a lot of GPOs set that need to apply and a fully azure joined device will not inherit those policies. Thanks
No, unfortunately not. As I said in the video a PC can only either be a D joined or Azure AD joined. It’s a simple as that I’m afraid.
@Andy Malone MVP
Does this also for the win 10 pro version.
If an admin wants to change the wallpaper for all devices in intune who has win 10 pro, will it gonna work, if not, then what can we do?
The process allows you to do an upgrade of Windows 10 pro to Windows 10 enterprise addition. Everything else will work fine
Hi Andy can I ask a couple of stupid questions, whats the purpose of the dynamic group? Is it something that always needs to be setup? What happens to the device if you don't setup the group?
Hi Richard. Dynamic groups are awesome.. you assign permissions to a group or create a Microsoft team fir let’s say students in department -= year 3. Now in users create a user, place it the department called year 3. Save as a template. Now every student will automatically be a member of the year 3 team. Dynamic groups are essentially a series of automated rules. You set the groups up once, members will come and go but the groups and what they can do persist.
@@AndyMaloneMVP Hi Andy, thank you for the reply really appreciate it. I'll be using dynamic groups going forward 😀. Also great job on the UA-cam channel.
Thank you for the video; the presentation is crystal clear. I have noticed you enrolled one PC; what is the procedure if you have more than one PC that you need to deploy? I saw the answer below; however, would you consider doing a video? Also, I can enroll in the PC directly or through the Microsoft portal. Can you confirm? (I am a newbie).
The procedure are used to install VM was purely for demonstration purposes. In reality you would contact your vendor and obtain a CSV file containing machine IDs which you would then import. Alternatively if you have in-house machines you can use PowerShell. There are a number of scrips available at PowerShell gallery.com for this purpose. Thanks again and good luck.
@@AndyMaloneMVP thank you Andy
thank you for this
You’re welcome
Thanks a lot for this video :)
I may not have searched well enough until now, but I can't find any resource showing how to push applications to endpoint devices. Let's say you add a new user, and the moment they first log in, some apps of your choice get installed on the computer automatically.
Does Azure allow this ?
Yes Azure will do that
@@guilleni Thanks a lot, I'll take a look :)
You’re welcome
Great video , I have a question do you know what things you can try to understand why a software that was pushed through the intune fails would love for you to go through that process of troubleshooting:)
Nice to hear from you. There are a few things that you could try. First of all I will check to see if there are any software restriction policies either at the tenant or your policy level in intune. It could also be a licensing issue, or a problem with the vendor. Have a look at the Microsoft docs page for third-party applications, there are some good articles there. This is essentially the steps that I would try to fix the problem, I hope you have luck. All the best, Andy..
@@AndyMaloneMVP thank you very much I will take your advice and apply them . It would be great if you can maybe make a video on this subject would love to see you go through the basics of troubleshooting intune app deployment
Hello Andy.. Hope your doing well... Thanks for all your teaching videos... I want labs, to practice office 365 security and EMS.. Please suggest me.. And I had tried with AZURE but they are not accepting . Could
You please guide me.
Check out the Microsoft Learn website. they have some
Hybrid Joined & Auto Pilot. New laptop shipped to user and user logs in with AAD account which kicks off AP. How does the new system get hybrid joined?
It can’t! A laptop can either be Azure AD joined which is better, or hybrid Asher AD joined. It’s essentially which system has authority to authenticate the user and the device. Unfortunately it can only be one or the other.
Hi Andy, Is there a easier way to uninstall unwanted app that comes with the window 10 pc thru Intune (Endpoint Manager)?
If it’s a managed MSI app you just delete it in Intune. It will then uninstall.
Hi Andy, a quick question; are these steps still valid if I have to enroll existing devices to Intune. By existing, I mean lets say we have 100 users that are already being used by employees and we switched the license from E3 to E5 and now I have to Enroll those devices to intune!
Yes, although the interface has been updated, everything still works and the principles remain the same. I plan to do an updated video shortly.
@@AndyMaloneMVP thank you. I believe this can be done through GPO as well, right? and if someone doesn't see the MDM folder, then do we have to install administrative templates to the DC?
Hi Andy. I am working as an IT support agent and I came across some office that they can setup autopoilot to let the devices automatically install required softwares, I want to know how to add these required softwares from the endpoint manager page, I don't really see it includes in you vid. Can u slightly advise me ?
You cannot. You can only install the endpoint client here, which essentially is defender for endpoint. You can however also deployed this and other software theory in tune what devices would need to be registered in in tune. Check out the Microsoft tech community for more details.
@@AndyMaloneMVP Thank you!
Great! video ) :)
Andy, After watching your videos I thought to learn more and go with a certification. Want to know for server 2012/16 and office 365 exchange server which certification I should do? Could you suggest a video link or course where I can learn more for certification in-depth?
Forget server based certs. They’re dead, go with the cloud :-p
@@AndyMaloneMVP thanks Andy
Like I've said before, don't waste your time on Server certs, they're dead! focus on the cloud. Microsoft 365 etc. Details here docs.microsoft.com/en-us/learn/certifications/browse/?products=m365 and good luck :-)
@@AndyMaloneMVP thanks Andy ❤️
I would like to inform you that I recently cleared azure ai 900 and azure dp 900 and now preparing for az 900. Thanks for all motivation and videos knowledge you share :) :)
@@kartikpal156 Whoo hoo!! well done you!
Hi sir
I m an absolute beginner I want learn Microsoft Endpoint manager is there any way or course available I tried to search but in vain.
docs.microsoft.com/en-us/learn/ Is a great place to get started. and here docs.microsoft.com/en-gb/learn/modules/manage-devices-by-using-microsoft-intune/ and here docs.microsoft.com/en-gb/learn/modules/introduction-to-modern-management-in-microsoft-365/ and thanks for stopping by. I've also recorded some other endpoint videos as well. Good luck :-)
PS The official Microsoft course is MS 101
@@AndyMaloneMVP thank you for prompt response sir....
@@nadeembhat9450 You're welcome and good luck :-)
Correction MD 101
1. Can you deploy Windows 10 using Microsoft Intune ????
2. Can you deploy a custom Windows 10 image with all my LOB application & configuration in it ???
3. if you have shift workers, how many users can use that one device ???
Thanks for the Qs
1 - Absolutely! That's what it's designed for. But don't think of Intune in the traditional deployment sense. It's much easier. Modern management is the way forward here is an article that may be of interest to you. docs.microsoft.com/en-us/windows/client-management/manage-windows-10-in-your-organization-modern-management
Think about how you want to authenticate your clients. Azure or Windows AD. Intune can do pretty much all of what the old SCCM could do in the past.
2 - In Intune you use autopilot to create an OOBE Out of the box experience which configure users machines from the start. When the user logs on. Device, security and App configuration settings do the rest. So imaging is not required.
3 - Autopilot self deploying is suited to kiosk and shared devices. There is no user associated with the device. User driven is suited to 1:1 scenario and you can associate a user to a device. Most of this is covered here docs.microsoft.com/en-us/mem/autopilot/windows-autopilot-scenarios
I hope this his helps and welcome to my channel :-)
Great video Andy, but this way to enroll windows device is not usable now days ! if you are working in a company with more than 1000 PC , and you want o AutoPilot or as they aid OOBE, this video will not help i think
I’m afraid you are incorrect Sir. This method works perfectly well. All machines must be Azure AD joined and licensed. Here is a link to the current documentation docs.microsoft.com/en-us/mem/intune/enrollment/device-limit-intune-azure
Thanks, Andy for your answer.
The scanrio is :
Company X wants to start using Intune, there are like 1000 PC's not in the office but with the users or colleagues who lives in another city, how can we deploy/enroll or autopilot these devices if we don't have them in the office?
If you can provide me with a doc i can read i would appreciate that as i could not find any thing in google or Microsoft
Dear Andy
Can people book you for private sessions?
No unfortunately not I’m afraid. However I’d you one of my Patreon platinum subscribers I offer a monthly Zoom call in which we can talk and you can ask questions😊