This is part 2 of the modern management series. In this article we will prepare Intune for Autopilot.
Groups
We are going to use groups to assign the auto pilot devices to profiles. This will make us able to control per role setting and deployments. I will suggest that you find a naming standard that make sense for you.
Sign-in to Microsoft Intune admin center -> Click Groups | |
Click New group | |
Add Group name Add Group description (Optional) Choose Dynamic Device Click Add dynamic query | |
Click Edit | |
Paste the following query: (device.devicePhysicalIds -any _ -contains “[ZTDId]”) and (device.devicePhysicalIds -any _ -eq “[OrderId]:OFFICE”) In this example I tag the pc’s in the group as “Office” Click Ok | |
Click Save | |
Click Create | |
You should now see the group that you have created. I have created more than one group as I want to be able to assign pcs to different profiles. |
Applications for deployment profile
Add the application that you want to be installed during enrollment. In this example I will add two applications. Microsoft Edge and Company portal.
Click Apps -> Click Windows | |
Click Add | |
Select Microsoft Store app (new) -> Click Select | |
Click -> Select | |
Click Search the Microsoft Store app (new) | |
Search for company portal -> Mark it -> Click Select | |
Modify the setting to your needs -> Click Next | |
Add Assignments to your needs -> Click Next | |
Review the setting -> Click Create |
Autopilot Deployment Profile
In the deployment profiles we choose what behavior we want when a pc being enrolled.
Click Devices -> Windows | |
Click Windows enrollment -> Automatic Enrollment | |
Verify the Automatic Enrollment setting -> Click Windows | Windows enrollment |
Windows Hello for Business
You can enable and define requirements in “Windows Hello for Business”
Click Windows Hello for Business | |
Enable Windows Hello for Business and modify the settings as you would like them to be -> Click Save -> Close Windows Hello for Business window. |
Enrollment Status Page
Click Enrollment Status Page | |
Click Create | |
Add a Name -> Click Next | |
Select the setting that you desire. Just be aware about “Blocking apps”. You have to make sure that they get installed otherwise the enrollment will break. Click Next | |
Assign it to the group that we crated earlier. Click Next | |
Click Next | |
Review the settings Click Create | |
You can now see the profile on the enrollment page |
Deployment Profiles
Click Enrollment Status Page | |
Click Create profile -> Windows PC | |
Enter a Name -> Click Next | |
Choose the setting that you want -> Click Next | |
Assign the Office group that we created earlier -> Click Next | |
Review the setting -> Click Create | |
Create the number of profiles that you need in your environment. |
Intune is now setup with some basic setting to get started. Continue to part 3 to prepare a pc for enrollment.