Windows Autopilot, What is it? Buckle up, for a story.

Who doesn’t like the smell of a new device, that plasticky smell, that refreshing and magical feeling of opening the box and taking out your brand new device *Mmmm hmmm*, and that feeling is exactly what Microsoft wanted to amplify to every end user when they introduced Microsoft Autopilot. The feeling you get when you open a brand-new computer, powering it on and the computer just knowing who you are and gets you up and running in just a few clicks.

Microsoft set on easing the headaches of IT admins around the world introduced the Windows Autopilot in late 2017, adding more features over the years and now becoming the go to brand for almost every type of organization, rapidly gaining popularity with their services and integrating more and more services.

What is Windows Autopilot and why is it so important to organizations?

‘Autopilot’ in avionics is a system used to control the trajectory of an aircraft without constant ‘hands-on’ control by an operator being required – Wikipedia. So how does that apply here! You may ask. Just as the name suggests the set-up process of a new Windows 10 device can be set to Autopilot, that is no ‘hands-on’ control required from the end user or commonly referred to as zero-touch. Windows Autopilot is a cloud-based service developed by Microsoft that provides zero touch deployment of Windows 10 devices.

The introduction of Windows Autopilot has been a revolution in the field. Before its introduction, for a Windows 10 device to be set up the IT admins had to wipe the OS that came with the new device and replace it with a custom image which is a combination of the settings, policies, drivers and apps the organization wants to push to its end users.

This process had to be done for each and every device which was hard for the IT admins. The bigger organizations with thousands of devices and employees, it came with the compromise of high costs, time wastage and losing the new device feeling.

So how does Windows Autopilot work? Well, the set-up process for Windows Autopilot is as easy as 1…2….3…. It consists of 3 primary entities

1. The device vendor
2. The IT admin
3. The end user

The first step is device registration. When the device is purchased, the hardware vendor will automatically register the purchased device into Windows Autopilot deployment service.

The second step is to create a profile and set up the configuration. Once the organization has claimed the ownership of the device, the profile, set-up experience and configurations can be applied. The pre-set configurations are saved in the cloud. As soon as the device is connected to a network for set-up the configurations are pushed to it.

The third step is to ship the device to the end-user. When the user unboxes and starts the device, the custom set-up which was pre-configured will run and the user gets the customized organizational set-up for the device.

As far as the end-user is concerned all they have to do is unbox a brand-new device, power it on, connect to any network and enter their AzureAD credentials/ their organizational email id and password and the device goes into Windows Autopilot mode, downloading and setting up the device as per the configurations set by the organization.

You can be anywhere in the world and start the set-up but as soon as a network is connected the user is greeted by a customized setup page set by the organization.

Once the authentication is completed the device is going to enroll itself in AzureAD, MDM services like Hexnode MDM which pushes the apps set by the company and all this can be done under any network.

What’s special and where is Windows Autopilot headed?

OOBE or out-of-the-box experience is enhanced by Windows Autopilot, but doesn’t it mean that the first user to set up the device gets Admin privileges? Yes, it’s true. The first user to set up a device gets Admin privileges but that isn’t something that the organization want for all their employees.

• • Windows Autopilot enables the organization to deny admin privileges to the first-time device user. The only way for a first-time device user to be a non-Admin user is via Windows Autopilot setup.
  • Plug and Forget is a relatively new setup process for Windows Autopilot where the end users only have to connect an ethernet cable or connect to a network and turn on the device. The setup process starts and completes automatically without any user intervention at all.

• Windows Autopilot has a Tenant Lockdown feature where once a device is set up and added to this program, if the device disappears either accidentally or intentionally and someone tries to reset it, when windows comes back and connects to a network the device will know that it is locked to a particular tenant and set up according to the organizational policies and comes back into the kiosk mode rendering it useless to others.
• White glove is a feature for Windows Autopilot aimed at saving the end user’s time. Here the vendors pre-provision the devices via wired connection before the device is shipped to the end-user. The major downloads and installs will all be completed before the device reaches the user and hence the users experience a very fast setup process.
• Windows Autopilot can also be used to set a device name schema so that the devices have a predefined naming convention.

What role does Windows Autopilot play in device Management?

Windows Autopilot is similar to Apple’s Device Enrollment Program as it can be used to enroll (bulk enrollment via CSV) devices into the MDM service. Windows 10 includes MDM support that can be controlled by management solutions, like System Center Configuration Manager, or third-party endpoint management solutions like Hexnode MDM.

The service can be used to setup a custom setup menu, choose what all setup policies can be skipped, password policies, etc can be preconfigured to the new device and what the end-user gets is a highly customized business-ready device ready to go with minimal setup, truly “plug and forget”.

What does this mean for the end-user?

Windows Autopilot brings together Windows 10, Azure AD, MDMs and MS-Office into a seamless cohesive experience. “In many ways, Windows Autopilot truly embodies the essence of Microsoft 365” – Siddharth Mantri, the brains behind Windows Autopilot.

Windows Autopilot Deployment feature is on our roadmap and will be made available for you in a short period of time.

A product that changed the way IT handles device deployment, more than just a setup assistant that’s Windows Autopilot for you, a product with more features being added to assist IT admins and enhances user experience.