Great video as always lot of information I didn’t know before watching ! Learnt few things by following along and getting stuck and troubleshooting . If anyone is having issues installing the modules make sure the powershell ise is x64 rather than x84 otherwise you can’t import the module and connect to the msgraph.
You make such great videos on Intune. Really appreciated. Any chance you can create a full video series on how to get started with Autopilot? Including software deployments based on different businesses? We currently use old images and Intune would help is solve a lot of problems. Where to start though is the question.
Thank you very much for that comment. I got videos about getting started with Autopilot, in this serie you setup your own Intune and after a few videos we prepare and execute a Autopilot Windows 11 installation: ua-cam.com/play/PL1JNh3sw_QyeQfevr55JaTHmDQUd9nNrh.html For Software deployment, I also got a serie: ua-cam.com/play/PL1JNh3sw_Qyc9Zt8rah7QP1vAY0X6An79.html Software based on different business is a good idea, I could do a video about that, it would basically be Azure AD groups that read users Department, and then target Win32 app to those groups on user level, so if a Sales user login to it's Intune device it get the Sales Win32 app installed, something like that?
Interesting idea, I could see using this method for cold storage (spare) backup devices but I think I would still like a record of it in Autopilot. I think I will still stay with PPKGs for provisioning devices.
Thanks Christopher, great idea, and I think you are spot on, it could be used for spare/devices that you might not use and therefore don't want to clutter your hardware hash import with an entry that probably won't be used. Not super useful, but good to know about and shows a bit how Autopilot works in the behind the scene, that Microsoft in Azure store this data, and that it is those values that get sent down to the client if you have imported the hardware hash. I find it interesting and good for understanding. If you right now are on an Autopioted device, you can go to Registry and see these values there also: Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Provisioning\Diagnostics\AutoPilot
Well done, thanks. I can think of several reasons, you said existing Windows 10 device, did you RESET the device? the JSON files only work if the device is in OOBE state (Out of Box eperience) If it is in OOBE, is the JSON file correctly format ANSI (not UTF-8 or alike)? If that is also true, do you in your Intune tenant have set a minimum allowed OS, and does this Windows 10 device apply to that minimum OS version?
You can during the OOBE press SHIFT + F10 and you get a black command prompt, there type in: explorer.exe Then you get the file explorer, then insert a USB key with your JSON file, and copy it to the folder. You will need to restart after that and the OOBE continue again
If i run this and device goes back to oobe. And I after the json install is done and I add device hash to intune. What is there a point in running this first? Will it save me any time when I rerun autopilot? I dont get the win.
Recommended is that your vendor push the hardwareID into your tenant. If for some reason someone buy a device outside your process, or Dell/HP repair and change mother board, the hardware hash/id is invalid. Then you could remote in with Quick Assist and add the json file to get it Autopilot and once back in you can import it. I have used this a few time, not so useful, I think the main take away with this, is to understand HOW Autopilot works, and if you follow this video you will probably have a better understanding how it works, that was at least my experience.
Lewis, that is an excellent question, not very often. In real world I have seen it used for remote technicians (or none technicians) that doesn't have permission to import hardware hash. Some build a USB stick and a script that copy in the json file. Best is of course to import the hardware hash, if you later refresh/reset the device and so on. I find this interesting to learn more about how Autopilot works behind the scene more than it is really useful, it can be in certain scenarios but should not be the standard way.
@@IntuneVitaDoctrina so does this method still add the device into the autopilot list to then apply a device tag? If not then also we wouldn't be able to perform a remote wipe of the device among other functions
You are using RBAC to manage permission, and need the scope tag of a value for technicians to have the permission to execute remote wipe? It will not add the hardwareHash so if you look in for example devices under AzureAD you will see the icon differently. Nothing stops you from adding the tag with a script or manually in Intune console under devices and properties and under Scope (tags) add it. In your case I would use this method only in rare cases and require manual adding the tag after. Sorry maybe not a video for you, hope you maybe learnt something about the JSON files value and how Autopilot works in the background
Great video as always lot of information I didn’t know before watching ! Learnt few things by following along and getting stuck and troubleshooting . If anyone is having issues installing the modules make sure the powershell ise is x64 rather than x84 otherwise you can’t import the module and connect to the msgraph.
Thank you so much! and excellent advice to not start the 32-bit PowerShell ISE
Nice video again John! Thank you!
You make such great videos on Intune. Really appreciated. Any chance you can create a full video series on how to get started with Autopilot? Including software deployments based on different businesses? We currently use old images and Intune would help is solve a lot of problems. Where to start though is the question.
Thank you very much for that comment.
I got videos about getting started with Autopilot, in this serie you setup your own Intune and after a few videos we prepare and execute a Autopilot Windows 11 installation:
ua-cam.com/play/PL1JNh3sw_QyeQfevr55JaTHmDQUd9nNrh.html
For Software deployment, I also got a serie:
ua-cam.com/play/PL1JNh3sw_Qyc9Zt8rah7QP1vAY0X6An79.html
Software based on different business is a good idea, I could do a video about that, it would basically be Azure AD groups that read users Department, and then target Win32 app to those groups on user level, so if a Sales user login to it's Intune device it get the Sales Win32 app installed, something like that?
Interesting idea, I could see using this method for cold storage (spare) backup devices but I think I would still like a record of it in Autopilot. I think I will still stay with PPKGs for provisioning devices.
Thanks Christopher, great idea, and I think you are spot on, it could be used for spare/devices that you might not use and therefore don't want to clutter your hardware hash import with an entry that probably won't be used.
Not super useful, but good to know about and shows a bit how Autopilot works in the behind the scene, that Microsoft in Azure store this data, and that it is those values that get sent down to the client if you have imported the hardware hash. I find it interesting and good for understanding.
If you right now are on an Autopioted device, you can go to Registry and see these values there also:
Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Provisioning\Diagnostics\AutoPilot
Great video. I created a JSON file and put in one of the existing Windows 10 devices, but it's not booting on the autopilot file. Any recommendation?
Well done, thanks.
I can think of several reasons, you said existing Windows 10 device, did you RESET the device? the JSON files only work if the device is in OOBE state (Out of Box eperience)
If it is in OOBE, is the JSON file correctly format ANSI (not UTF-8 or alike)?
If that is also true, do you in your Intune tenant have set a minimum allowed OS, and does this Windows 10 device apply to that minimum OS version?
Thank you for the quick reply. I will try to reset the device and try again.
Good luck , going to sleep now but please keep me posted how it goes :) thanks
@@IntuneVitaDoctrina I have reset the device, but how can I copy the JSON file to the autopilot folder?
You can during the OOBE press SHIFT + F10 and you get a black command prompt, there type in: explorer.exe
Then you get the file explorer, then insert a USB key with your JSON file, and copy it to the folder.
You will need to restart after that and the OOBE continue again
Tack!! :)
If i run this and device goes back to oobe. And I after the json install is done and I add device hash to intune. What is there a point in running this first? Will it save me any time when I rerun autopilot? I dont get the win.
Recommended is that your vendor push the hardwareID into your tenant. If for some reason someone buy a device outside your process, or Dell/HP repair and change mother board, the hardware hash/id is invalid.
Then you could remote in with Quick Assist and add the json file to get it Autopilot and once back in you can import it.
I have used this a few time, not so useful, I think the main take away with this, is to understand HOW Autopilot works, and if you follow this video you will probably have a better understanding how it works, that was at least my experience.
How and why would you use this in the real world though?
Lewis, that is an excellent question, not very often. In real world I have seen it used for remote technicians (or none technicians) that doesn't have permission to import hardware hash. Some build a USB stick and a script that copy in the json file.
Best is of course to import the hardware hash, if you later refresh/reset the device and so on.
I find this interesting to learn more about how Autopilot works behind the scene more than it is really useful, it can be in certain scenarios but should not be the standard way.
@@IntuneVitaDoctrina so does this method still add the device into the autopilot list to then apply a device tag? If not then also we wouldn't be able to perform a remote wipe of the device among other functions
You are using RBAC to manage permission, and need the scope tag of a value for technicians to have the permission to execute remote wipe?
It will not add the hardwareHash so if you look in for example devices under AzureAD you will see the icon differently.
Nothing stops you from adding the tag with a script or manually in Intune console under devices and properties and under Scope (tags) add it.
In your case I would use this method only in rare cases and require manual adding the tag after.
Sorry maybe not a video for you, hope you maybe learnt something about the JSON files value and how Autopilot works in the background